John Milburn is CEO of identity governance and security company Clear Skye.
getty
From identity and access management (IAM) to zero trust and everything in between, solutions for every security challenge have hit the market in droves. With threats growing in sophistication and frequency, enterprises have adopted a “more is better” mentality. While this approach is justifiable, it’s resulted in Frankenstein’s monster of siloed tools instead of leaving enterprises better protected. The technologies that organizations have in place are only as valuable as their ability to protect and operate where the work is happening.
Unfortunately, security posture and strained IT budgets aren’t the only downsides. Multiple applications and processes at play can be a detriment to employees, too. Shifting between too many systems stifles productivity at best and, at worst, leads to workarounds and insecure practices to get work done. Despite the desire to add, business leaders might consider evaluating what they can achieve with fewer applications and interfaces. As observed in recent industry research, here are a few reasons why less is more when it comes to cybersecurity.
There are too many security vendors in the kitchen.
According to an identity management survey from Gradient Flow, a majority of knowledge workers with IT job functions indicated that they work with several vendors for security functions, including identity governance, risk, compliance, single sign-on, PAM and security operations. Yet, even with all of these solutions, it’s still taking too long to carry out necessary responsibilities. Compliance tasks, specifically providing requisite teams with the information needed to perform an audit, can take multiple days—and that’s on the quick side.
While it’s understandable that businesses will work with multiple vendors to address certain security issues, leaders might consider where they can scale back or consolidate. Speed is of the utmost importance, whether it’s in response to a breach or granting and removing access for new and former employees. Toggling between multiple, disparate systems for just security functions alone is a sure way to slow things down and get users frustrated in the process.
Context-switching is killing productivity.
What remote and hybrid working environments have eased for commuters and homebodies, they’ve complicated for IT teams. Companies, either by force or choice, have adopted new tech to resume in-office work with newly distributed teams. As a result, employees are spending more time switching between software applications than ever before. A report from Qatalog found workers cited spending nearly one hour a day looking for information between collaboration, storage and messaging apps, and half of workers fear information will get lost in the shuffle. That’s five hours lost each week and too little emphasis on tracking.
This can lead to mistakes. And while distraction may seem like a small price to pay, the effects compound over time. Psychologist and computer scientist Gerald Weinberg found that for each extra task—in this case, “context”—you switch between 20-80% of overall productivity is lost. While using different systems is necessary for most jobs, leaders could benefit by finding ways to streamline tasks or use additional features within an existing system to reduce the amount of context switching we’ve grown accustomed to.
UX is suffering.
Between multiple vendors and regular context switching, it’s no surprise that user experience (UX) is one of the greatest security challenges today. Many employees agree that identity solutions need to provide better interfaces and allow people to work productively and securely.
Another UX concern is cost, specifically for small companies. The irony is that IT budgets are hemorrhaging as enterprises acquire the latest and greatest security tech, but employees are struggling to even use them.
IT service management (ITSM), as evidenced by the aforementioned Gradient Flow research, is one trend that organizations have implemented to solve their security troubles. This approach eliminates challenges with UX and context-switching by providing users with a familiar interface, enabling them to perform better and cutting back on downtime.
This approach also streamlines data from across an organization, giving IT leaders greater visibility into what’s going on within their company. It empowers organizations with the quantity and quality of data needed to carry out process automation and more strategic AI and machine learning initiatives.
For those who have not already implemented the cloud, this is another solution that can help streamline IT, easing the demand on resources and reducing costs over time. Start slow with mission-critical operations, and build from there.
Additionally, automation tools are helpful in freeing up time for workers to focus on more important, bigger-picture tasks. It’s also a more effective way to clean up manual processes ripe for human error.
Doing More With Less
Born out of necessity, many organizations have no choice but to do more with what they have. This could be seen as a silver lining. It offers leaders an opportunity to maximize their existing tech investments and be more discerning about jumping on new solutions too quickly.
By extending functionality within current systems, employees are already familiar with the interfaces, requiring minimal to no training. This also frees up IT teams for more important projects. Your employees will have what they need to succeed, and you’ll save on the cost and headaches of new tech implementations.
Learning to do more with less in this way, especially when it comes to mission-critical initiatives like cybersecurity, is critical to properly secure the enterprise and improve operations in the process.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
