Inside the Briefcase

Ironclad SaaS Security for Cloud-Forward Enterprises

Ironclad SaaS Security for Cloud-Forward Enterprises

The 2015 Anthem data breach was the result of...

The Key Benefits of Using Social Media for Business

The Key Benefits of Using Social Media for Business

Worldwide, there are more than 2.6 billion social media...

Gartner IT Sourcing, Procurement, Vendor and Asset Management Summit 2018, September 5 – 7, in Orlando, FL

Gartner IT Sourcing, Procurement, Vendor and Asset Management Summit 2018, September 5 – 7, in Orlando, FL

Register with code GARTITB and save $350 off the...

Infographic: The Three Pillars of Digital Identity: Trust, Consent, Knowledge

Infographic: The Three Pillars of Digital Identity: Trust, Consent, Knowledge

8,434 adults were surveyed to gauge consumer awareness of...

FICO Scales with Oracle Cloud

FICO Scales with Oracle Cloud

Doug Clare, Vice President at FICO, describes how Oracle...

IT Briefcase Exclusive Interview: Minimizing Risks Brought on by the Shadow Workforce

October 4, 2017 No Comments

According to OneLogin’s Curse of the Ex-Employees report, 20 percent of organizations admit accounts belonging to former employees remain active for one month or more after an employee has left the company. Unknown to employers, these “ghost employees” are harboring company data for months or even years after leaving an organization. This has resulted in the growth of a “shadow workforce” – or an underground network of ex-employees with access to the company network. In this interview, we connected with Al Sargent, senior director at OneLogin, who shares how companies can minimize risks brought on by this shadow workforce.

  • Q. What are the biggest risks brought on by the shadow workforce?

A. First, let’s define the shadow workforce. According to the US department of labor statistics, the shadow workforce encompasses, “a large mix of different arrangements: part-time employment, hiring through temporary-help employment agencies; working as a self-employed consultant; … and more.” It might also include people driving for Uber, or stylists working for Stitch Fix.

The biggest risk of the shadow workforce is that they’re not fully off-boarded from apps when they stop working for a company, enabling them to continue to access company data.

  • Q. What steps do companies need to take to minimize these risks?

A. Companies need to manage shadow workforce identities in the same way they manage employee identities. Companies need to store shadow workforce identities in a human resources system of record, such as Workday, UltiPro, or Namely. Then, use those identities to automatically setup application access when onboarding, and revoke it when offboarding. This is how Stitch Fix reliably on- and offboards thousands of stylists who come and go with just a few IT administrators.

These former employees are using applications, accessing company documents, spying on former coworkers and vendors, and more, without many realizing this to be the case. With the shadow workforce only increasing, it’s crucial that employers take the steps above to minimize risks brought on by ex-employees.

Al 150x150 IT Briefcase Exclusive Interview: Minimizing Risks Brought on by the Shadow Workforce

Al Sargent, Senior Director, OneLogin

Al Sargent started coding at age 10, wrote his first computer game at 12, and by 13, got sent to the principal’s office for skipping class to code. Decades later, he’s now senior director at OneLogin. He loves the process of crafting stories about technology: understanding customers and users, what they care about, and how they use software in their jobs and lives. Prior to OneLogin, Al helped create the world’s first software-testing cloud, Sauce Labs; drive the fastest-growing business unit at VMware; advance market-changing open source technologies such as Spring and Cloud Foundry; and build a new software category — Software Analytics — at New Relic.

 

SECURITY

Leave a Reply

(required)

(required)


ADVERTISEMENT

Gartner IT Operations

SuperCharge Your Cloud

American CISO

IBC 2018

ITBriefcase Comparison Report