David Higgins, Senior Director, Field Technology Office, at the cyber firm CyberArk, discusses the importance of workforce identity security. Securing the workforce means more than just securing logins, he suggests.
Organisations get hit on average by a cyberattack every 42 seconds, with an average of 270 days required to detect and contain a breach. Nearly half of all breaches involve data scattered across multiple environments, putting security teams under intense strain as they oversee thousands of accounts and entitlements across both managed and unmanaged endpoints.
To protect their organisations, they implement security measures such as multi-factor authentication (MFA) and single sign-on (SSO). However, cybercriminals can easily acquire stolen credentials from the dark web at minimal cost, giving them a key piece of the puzzle to circumvent MFA. With access to a user’s legitimate credentials, they can, for instance, flood the user with MFA push notifications—hoping they approve one. Each notification is triggered by the attackers repeatedly attempting to log in with the compromised password.
By posing as genuine users, attackers can infiltrate systems undetected. As these threats grow more sophisticated, adopting an adaptive, multi-layered identity security approach is essential. Modern identity security must go beyond traditional methods, delivering dynamic protection without placing unnecessary strain on security teams. A forward-thinking identity security strategy that evolves alongside the workforce is no longer a choice—it’s a foundational requirement for enterprise resilience and long-term protection.
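The push-notification flooding described above leaves a recognisable trace in authentication logs: a burst of denied or unanswered pushes for one user, sometimes ended by an approval. The following is an added example, not code from the article or from CyberArk, showing one way to detect that pattern; the event fields, outcome names, window and threshold are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample MFA events (not real logs): time, user, source IP, push outcome.
SAMPLE_EVENTS = [
    ("2024-05-01T02:10:00", "bob", "203.0.113.50", "denied"),
    ("2024-05-01T02:10:40", "bob", "203.0.113.50", "timeout"),
    ("2024-05-01T02:11:15", "bob", "203.0.113.50", "denied"),
    ("2024-05-01T02:12:00", "bob", "203.0.113.50", "timeout"),
    ("2024-05-01T02:12:30", "bob", "203.0.113.50", "denied"),
    ("2024-05-01T02:13:10", "bob", "203.0.113.50", "timeout"),
    ("2024-05-01T02:13:45", "bob", "203.0.113.50", "approved"),  # user gives in
    ("2024-05-01T08:00:00", "carol", "192.0.2.10", "timeout"),   # slow, spread out
    ("2024-05-01T09:00:00", "carol", "192.0.2.10", "timeout"),
    ("2024-05-01T10:00:00", "carol", "192.0.2.10", "timeout"),
    ("2024-05-01T11:00:00", "carol", "192.0.2.10", "timeout"),
    ("2024-05-01T12:00:00", "carol", "192.0.2.10", "timeout"),
    ("2024-05-01T09:00:05", "alice", "198.51.100.7", "approved"),
    ("2024-05-01T13:00:00", "alice", "198.51.100.7", "denied"),  # single mis-tap
    ("2024-05-01T13:00:30", "alice", "198.51.100.7", "approved"),
]

def detect_push_flooding(events, window=timedelta(minutes=10), threshold=5):
    """Flag users who get `threshold`+ denied or unanswered pushes within `window`."""
    recent = defaultdict(deque)  # user -> times of failed pushes still inside the window
    alerts = {}
    for ts_raw, user, ip, outcome in sorted(events):  # ISO timestamps sort by time
        ts = datetime.fromisoformat(ts_raw)
        failed = recent[user]
        while failed and ts - failed[0] > window:
            failed.popleft()  # expire pushes older than the window
        if outcome in ("denied", "timeout"):
            failed.append(ts)
            if len(failed) >= threshold:
                alert = alerts.setdefault(user, {"user": user, "failed_pushes": 0,
                                                 "approved_after_burst": False,
                                                 "approval_ip": None})
                alert["failed_pushes"] = max(alert["failed_pushes"], len(failed))
        elif outcome == "approved":
            if len(failed) >= threshold:
                # An approval that ends a burst is the likely-compromise case.
                alerts[user].update(approved_after_burst=True, approval_ip=ip)
            failed.clear()  # a normal approval resets the user's counter
    return list(alerts.values())

if __name__ == "__main__":
    for alert in detect_push_flooding(SAMPLE_EVENTS):
        print(alert)
```

An alert with `approved_after_burst` set warrants session revocation and a password reset for that user, since the repeated prompts only occur when the attacker already holds a valid password.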
Expanding threat landscapes
Shared accounts, weak password practices, and unrestricted admin rights leave organisations vulnerable to ransomware, malware, and data breaches. The problem is made worse by temporary or external workers, adding to IT teams’ workload with constant requests for onboarding, off-boarding, password resets, account lockouts, and misplaced authentication devices.
Even organisations using identity security models often rely on disconnected solutions that fail to fully integrate, creating blind spots in user activity. A modern approach to identity security that treats every user as potentially privileged is essential. This requires implementing smart privilege controls that cover the entire user lifecycle, from on-boarding and role adjustments to de-provisioning and beyond.
Equally important, these controls must strike a balance between security and user experience, enabling employees to work efficiently and without unnecessary friction, from login to logout. By balancing access and security on unmanaged devices, external partners and vendors benefit from a secure pathway with controlled browsing that prevents session hijacking and cookie theft, without disrupting workflows. Robust endpoint identity security controls offer comprehensive visibility into attack paths, credential misuse, and insider threats, while smoothly integrating with third-party solutions.
Strategy into action
Centralised storage and management of identities and attributes should act as the single source of truth for all identity data. By combining MFA, SSO, lifecycle management, and endpoint security with browser, session, and password protection, the user is protected from endpoint to cloud. By eliminating identity silos and integrating controls from other areas like privileged access management (PAM), employees can securely and seamlessly access applications and resources without repetitive logins or complex authentication. The result is scalable, adaptable security that grows with your organisation, reducing the burden on internal teams by automating access management. With a combined approach to security, an employee logs in from a remote location using a single set of credentials that grants access to everything they need. No more juggling multiple logins or trying to remember yet another password.
With SSO, users log into one portal using their existing credentials, gaining access to all assigned apps with a single click. They can update profiles and reset passwords as needed—all without compromising security. Next, when they shift to web browsing, they have a range of passwordless authentication options. Since not all apps or sessions are the same, high-risk web sessions are secured with web session monitoring, recording, and controls that detect anything unusual in real time. This provides security teams with insight into user actions, safeguarding sensitive data, and creating a detailed audit trail vital for compliance and response.
Unified approach
With credentials easily accessible to the highest bidder at minimal cost, the risks have never been higher. The good news is that organisations previously weighed down by sprawling endpoints, unsecured credentials, and outdated systems have the opportunity to redefine their security strategies. By transitioning from fragmented identity and access management (IAM) approaches to a unified identity security framework, they can effectively navigate today’s evolving threat landscape — it all starts with a shift in focus and mindset.
Security cannot end at the login point; it requires a comprehensive, multi-layered defence strategy that evolves alongside increasingly sophisticated threats. Advancing workforce identity security isn’t about deploying complex security tools first—it begins with a security-first mindset. One that prioritises identities, implements layered protections, and stays agile enough to safeguard the entire user journey.




