WSO2 SUMMIT 2020   ·   Building an Integrated API Supply Chain   ·   Register Now!


June 02, 2020
3 min read

How IAM Solved (Quite a Few) HR and Administration Issues While Working From Home

Image credits: Retha Ferguson from Pexels

With things finally returning to a new kind of normal, if not because the pandemic is no longer threatening but at least because we have learned to live with it, it is time to remember our lessons. When businesses closed down, due to communication difficulties this didn’t only negatively impact the business or the industry but showed a direct decline in the country’s economy itself. As much as we hope and pray that this is not our eternal reality, we should not be blind enough to ignore the fact that a paradigm shift has already occurred.

We have reached a point where the different products that IT readily offers are no longer independent entities (actually, they never were). From ordering essentials online, making secure payments online, and converting our homes into virtual office spaces, our recent experiences have one strong message for all of us - IT is not a luxury anymore but a necessity. If you are not a very technical person, you are still expected to learn your basics. On the other hand, organizations that purely focused on clients who spoke the same language are now looking at a wider market of opportunities where their products should be made in a way that’s unsophisticated, user friendly, and serves a variety of industries as opposed to just the IT industry and its derivatives.

Human resources, for example, is a sector that closely associates with its workforce. With all that's unfolding in our world, one-to-one communication opportunities for hiring, conflict resolutions, resignation processes, and plenty of other HR-based activities couldn't function as they normally do. An organization with inefficient HR and admin services is a threat to the very existence of the business.

These are a few areas where an identity and access management solution (IAM) helped me and my colleagues get through the learning curve of working from home with ease.

The Number of Questions I Have != The Number of Times I Nag an Administrator

The questions that we have are answered via different applications launched in an internal cloud. This has resources that we need for our day to day activities as well as inquiries related to payroll, partners, and customers. However, signing into each and every one of them is an overhead and can get frustrating. This is where IAM comes into the picture. The single sign on (SSO) feature in IAM allows us to access all the applications within a given session, using a single secure authentication. When I sign in to one application, it authenticates me to proceed further to all my other applications without having to sign into them again. Moreover, I can safely log out of all my applications using the single logout feature. This way, there is no way I am worried about having to logout of everything promptly.

This is utilized to access conference apps like Zoom using the organization-level user credentials so that employees need not create separate accounts during this crisis.

A screenshot from regular zoom meetings conducted within the WSO2 IAM team

If the Proof is Not Satisfactory, Use Another Factor

Since many of us are working from home, the chances of intruders and imposters trying to act as if they belong can put the resources of an organization at risk. This is where multi factor authentication (MFA) comes into play. In addition to the basic authentication, you can include something that the user knows (like a password), something that the user has (like an RSA token), or something that the user is (any biometric references like retina scans or fingerprints). While adding this additional security element brings more security, it can be super annoying for an average user. This is why there is adaptive authentication. You can choose the MFA factors depending on how prominent the resources that a certain user handles are, the user’s geographical location (if the user is stuck somewhere other than the residence due to the situation), the user’s access privileges, or in other words, what the user can do with the accessed data, the user’s IP address and many more. This proves to be secure while still being user friendly.

Go Passwordless!

It can be a real struggle if we forget passwords in these circumstances. Imagine the plight of an IT admin if a number of people forget their passwords on a daily basis. Also, writing these passwords when you can’t remember them by heart, having weak passwords, having the same passwords for multiple applications for convenience can all lead to a hacker’s delight. Passwordless authentication protocols like FIDO2 depend on security key mechanisms instead of passwords. This is both user friendly and secure.

Onboard, Promote, Transfer

Onboarding, promoting, or transferring an employee requires the admins to give them access to certain applications and rights; and modify them whenever required. This is not a hassle with identity and access management since the users and roles exist in the system and creating new employees, promoting employees to another role, and transferring the department of an employee can all be done easily. These functions can also be enhanced using the workflow feature in IAM.

These are just a few advantages to having an IAM solution to manage your applications. Technology is not a patch for the pandemic. This is going to be the way of life going forward since organizations have now realized its benefits and the extent of feasibility.

WSO2 Identity Server is an open source IAM solution that can solve your organization’s identity and access management requirements so that the next time something tries to beat you, you are too prepared to be shook.