The Future of Our Workplace
Introduction
Change at work can be unsettling to many; but being told that from tomorrow you will no longer commute to your office, and instead must work several feet from where you have just woken up, is unheard of. Or at least it was until earlier this year.
The reality is that when lockdown was announced, the majority of the British Workforce were forced into this situation. Most of whom were seemingly unaware of what was to come; although perhaps the odd few realised that their dream of an extra hour in bed was about to become true.
But what have we really experienced in this period of lockdown? What has actually changed? And have we now transitioned into “the new normal”?
The Way Things Were
Most employees previously would wake up and head to the office, accessing all their data and applications on-premise using the corporate network. This was the way things had always been done.
But in the light of COVID-19, endless challenges have surfaced for both end-users and administrators within the workforce of organisations. Employees unable to access on-premise file shares with slow and failing VPNs hampering their days, whilst administrators were suddenly hit with the task of ensuring employees’ access was managed at unprecedented speed and strategies were in place for allowing future access to user data. Challenges that should not be faced in the year 2020!
At Okta, we knew these were challenges for businesses before COVID-19. We had already envisioned the majority of workforces working from anywhere, away from the traditional office setting, and we understood what this meant for IT administrators. Okta’s vision of Zero Trust security combined with our mission to enable any organisation to use any technology provided the foundation for organisations to tackle their access management needs.
Organisations moved as quickly as they could with mixed results with many clinging to the old way of working, following an inefficient onboarding processes with no logic and accuracy behind it. Hindsight would have told IT that they would no longer have to face the tribulation of assigning access to the workforce or handling the entire Joiner/Mover/Leaver (JML) process. This could, and should, be automated.. The weeks ahead forced organisations to adopt things like the furlough scheme and unfortunately put parts of their workforces on extended periods of leave, reinforcing the need for automation and Access Controls.
Hindsight would have told IT that they would no longer have to face the
tribulation of assigning access to the workforce or handling the entire
Joiner/Mover/Leaver (JML) process, this could, and should, be automated.
But what process would be followed to ensure the correct access was provided during this duration? And how would they smoothly transition back upon their return?
Many organisations were still following a manual process to onboard and offboard their workforce, with some using complicated scripts to automate their JML processes. However, code can be complicated, it requires maintenance, and if there’s a change in the protocol or application interface, the code requires changes too.
The Way Things Are
Employees now need to access their company resources from wherever they are, using the device of their choosing, from their first day. No longer is a VPN required to access our corporate resources. We now have the ability to do this from afar and from whatever device we wish.
As users work more from home, the previous boundaries of the office are no longer a constraint. The perimeter shift that started long ago with flexible working is now fully visible to organisations looking to predict the architecture of their infrastructure and safeguard their digital assets. However, with all this infrastructure comes complexity. An app for everything soon results in a loss of control when managed manually and visibility of this access within a workforce soon becomes a blur. With such a vast amount of job titles, determining the access a user requires can be impossible for IT. I’ve been there myself in a previous role and it was incredibly time consuming and stressful, especially when applications can have their own granular access controls within them.
Code can be at the frontline of an organisation’s Lifecycle Management to solve these issues, an effective idea at that time but as technology evolves and the workforce moves on, this becomes unmanageable. Code doesn’t have to be used to implement these granular access controls. Okta’s Advanced Lifecycle Management, in particular — Workflows, provides the ability to provision and deprovision accounts with granular controls, with zero code. For example, an organisation shouldn’t need to create a script to use the API of Box to transfer files from one user to another. Therefore, through the use of workflows we can easily do this, using no code, without the need to maintain connections in the future.
The Way Things Will Be
Identity is at the forefront of the workplace and at Okta, protecting Identities is what we do. It is what defines us as individuals, ultimately it makes perfect sense that our identities are used to verify us before we gain access to whatever we need.
Being present in the office is not enough. Organisations need to know and trust those seeking entry, whilst also ensuring they have the right access to company resources. The identity of a user should determine what resources a user can access, where they can access it from, what they can access it from, with continuous contextual analysis to determine when they can access it.
The foundations have clearly been laid for the future of work. Looking ahead there will be even more need for seamless digital collaboration and a revised need for commercial office space. With an expanding portfolio of technology in organisations comes an even greater importance for the access controls around them and the ability to provide seamless access to our workforce.
