Whose Priority Comes First? Security or Employee Experience? CEO Insights 05-12-2021 By Jim Steinlage President & Chief Executive Officer Table of Contents Optimizing Security Solutions for Employee Experience Whose Needs Come First? A “Houdini” Balancing Act Worth Mastering As businesses enter the second year of a global pandemic they will need to put much of their focus on digital security solutions but not at the expense of the employee experience. Those most impacted are ones who work fully or in part from home. A challenge for IT and HR teams is that employees need to be able to work from anywhere, and they want to use their own personal devices and have personal device experience while doing it. It’s no surprise the increase in remote workers and user endpoints results in increased security risks. There’s a saying I was told when I was younger and I got in a hurry and made mistakes: “Haste makes waste.” Very few organizations were prepared for the impact of Covid in early 2020, so there was a lot of haste in getting remote access for employees quickly and it has now created security concerns that have led to sleepless nights for organizations’ owners and leadership teams. Optimizing Security Solutions for Employee Experience Even under ideal circumstances, it isn’t easy to foster a culture of security without compromising the employee experience. The pandemic rush to get online amplified organizations’ concerns of having many employees using their own devices and working on untrusted home networks. How can an organization guarantee it’s not exposed while ensuring any newly adopted security measures don’t negatively affect their employees’ well-being? It is a tug of war between employee experience versus risk avoidance. The solution is making sure the security components an organization chooses not only help employees do their jobs in a more secure way but also allow them to do their job more easily. That means adopting measures like: Zero trust security policy (Trust no one inside or outside your network) Single sign-on and multi-factor authentication Automation and simplification thru embedded microapps Easy-to-use multifactor authentication Constant security monitoring Ongoing security education Organizations should also prioritize identifying what it means to optimize the work-from-home experience as measured by end users. IT, HR and management should work together, listening and getting feedback from users to understand how they can improve the employee experience as they push toward a workable compromise of flexibility and performance while balancing risk avoidance. Having security leaders and HR leaders who can understand each others’ concerns will enhance your organization’s ability to maintain a secure environment without sacrificing the employee experience. Whose Needs Come First? In many organizations it’s often a deliberation between company security solutions and policies versus employee productivity. Which comes first? The risk and liability in protecting non-human assets tends to be put ahead of employee needs. Yet, with employees facing increasing pressure to deliver, they often do whatever it takes to complete their tasks, even if it means security is compromised. This can create unnecessary tension between IT/Security who are responsible for keeping data safe and HR whose job it is to champion the employee experience in recruiting and retaining team members. When you view security solutions through the lens of employee experience, the approach is fundamentally different, but the results can be the same: a more secure work environment. Some experts suggest securely optimizing the employee experience by: Giving employees software accessing tools that prioritize flexibility and security rather than IT vendor preference Having HR and security working together, providing consistent security awareness for employees from onboarding to regular training Committing to collaborated synergy among leadership, IT, Security, and HR Always thinking in terms of eliminating human error through process improvement Employees must be constantly educated about just how much their physical environment and their actions matter to the organization’s security. Employee cybersecurity education is a great way to have HR and security work together to address the company’s security concerns while continuing to optimize the employee experience. A “Houdini” Balancing Act Worth Mastering As organizations continue to adapt to the evolving dynamics between security solutions and employee experience, it’s important to prioritize creating a culture of security that encompasses everything employees do daily. Employees, who rightfully have no desire to be security experts, must nevertheless be encouraged to take security seriously and not just wait for someone else to handle it. That makes it imperative to adopt security solutions that keep the organization secure while not hampering employees’ ability to do their jobs and be productive. It is a balancing act that will always be with us. Don’t be afraid to look at multiple options and lean on outside expertise that is manufacturer neutral. There are bad characters who are making it a priority to exploit your organization whether you are large or small. Let’s be sure we are equally making it a priority to protect it without negatively affecting your employees’ experience.