The COVID-19 crisis has dramatically affected organisations across every industry. It has become clear that business survival in such unprecedented times is dependent on adapting to a new future where everything is digital.
This transition to digital-first is driven by three fundamental areas: operating remotely and securely; increasing operational efficiency and reducing costs; and protecting or salvaging revenue. A successful outcome for each area relies on managing digital identities effectively and securely.
Identity management, or becoming identity-centric, is a fundamental starting point in the process to become what many CEOs are describing as “digital to the core”.
Securing remote operations
Every company has had to move rapidly to keep operations running remotely. Even the simplest business processes now need to be digital, which has had a major impact on employees, customers, partners and suppliers, and led to a wave of new security challenges.
Under normal circumstances, employees would be managed by workforce Identity and Access Management (IAM). Yet, with remote working as the new norm, internal users (employees) start to behave like external users (partners, contractors, or customers). For the first time, employees do not have easy access to IT help desks or the security of the office. Their privileged access rights to sensitive resources need to be made available through the public Internet.
Remote working has meant cyberattacks are dramatically increasing. As one example, hackers have launched a new range of phishing attacks which attempt to steal the credentials of Cisco Webex users through fake certificate error warnings. 47% of security professionals have been redeployed from their frontline security duties to assist with other aspects of IT, compounding the issue of risk.
Additionally, with physical stores and face to face services now out of bounds, customers require a digital experience for every interaction. More accounts are being registered than ever before, and where users have old accounts, they will be revisited, often requiring a reset of old identity credentials – creating another opportunity for attackers.
When it comes to partners and suppliers, to keep supply chains functioning, services need to be available remotely. As an increasingly attractive target to hackers, supply chains will continue to be under threat as they are further digitised.
Increasing efficiency and controlling costs
Revenue growth is currently a common challenge, so many businesses are protecting their bottom line through other measures, like controlling costs and increasing operational efficiency. Remote working, however, has generated challenges around support desks and admin processes.
By automating manual workflows, companies can gain productivity or cost efficiencies. The current acceleration to digital has provided a unique opportunity for organisations looking to automate existing workflows.
Optimising experience to protect revenue
User experience will also play a key role for businesses aiming to gain a competitive advantage while transitioning towards digital-first offerings.
With digital services now accelerating across every industry, customer expectations are on the rise. They expect user-friendly, streamlined and efficient services when using apps – and if businesses fail to match these demands, customers can easily turns to a company’s competitors.
Ultimately, if businesses wish to retain and engage with existing customers, while also attracting new customers, providing a seamless and safe user experience is vital.
The critical role of identity
The blurring lines between internal and external users has rendered many legacy IAM systems for internal users unsuitable. Businesses have had to reassess current identity management practices and turn to modern Customer IAM (CIAM) solutions instead.
Single Sign-On (SSO), designed for external user (remote employees and customers) usage, is a good example of a CIAM capability that offers important value to a digital-first, identity-centric enterprise. As new services launch, it allows users to use a single set of identity credentials and one digital identity as they move through connected services. With fewer credentials to manage, it decreases the risk of compromise and lowers the costs for the support desk.
Multi-Factor Authentication (MFA) is another good example of how the CIAM approach differs from the legacy IAM approach. Whereas office workers have little choice and have IT helpdesk support to deal with clunky MFA devices, external users need simple, difficult-to-lose MFA solutions, including phone-based apps and passwordless login.
Lastly, CIAM solutions help reduce OPEX costs and deliver a ROI. With self-service identity management embedded into every function, CIAM decreases manual workloads. Moreover, as our culture shifts and we look to reduce face-to-face interactions, digital alternatives must replace traditional ways to validate an identity or delegate authority to third parties, which CIAM can also provide.
Digital to the core
During this time, businesses everywhere should not just be looking to optimise operations in response to the pandemic, but laying the foundation of a digital-first enterprise. Ultimately, getting digital identity right during COVID-19 will not only ensure business continuity, but also set businesses up for success long into the future.
Author: Simon Wood, CEO of Ubisecure