Home > Equipment & Environment > Identity Management: Safety at Work

Identity Management: Safety at Work

By: Kevin Watson MSc - Updated: 31 Jul 2015 | comments*Discuss
 
Identity Management Access Privacy

Identity management is a general term that refers to security at work. An identity management system, for example, ensures that individuals access only those parts of a building or computer system that apply to their jobs. Identity management also deals with the control of data. Since data is often personal, identity management helps safeguard privacy. These issues - work security, data control and privacy - affect everyone. And yet people don’t always realise the importance of identity management in their lives.

Office Building

To give an idea of identity management at its most basic, picture the floor of an office building. The plan of the floor shows rooms, corridors, a reception area, toilets, doors, stairwells and lift access.

Some of the rooms, as with any office, contain confidential files and other important data. The organisation that occupies the floor clearly doesn’t want the public to have unrestricted access to this. Furthermore, it wants its staff to go about their jobs without members of the public unexpectedly approaching them.

Staff must therefore have some form of code or card to access the floor. This type of access management allows staff to enter the areas where they work. It ensures the safety and security of staff and prevents unauthorised access to office equipment and confidential files. The organisation may also want to limit staff access to certain rooms. Once again, this may be for reasons of confidentiality. A code or card system can control this.

The point is, that access management is part of identity management. An organisation may only wish to allow a junior employee, for instance, to access the communal areas and the room in which he or she works. The organisation can control this with an access management system connected to each member of staff.

Harassment and Theft

The above may seem fairly obvious. Even so, some business premises do not have access management systems. Unauthorised visitors can harass staff. Thieves may enter a building intent on stealing. Such theft is serious. Thieves may want physical items such as printers. They may also be interested in business accounts, customer details and the payroll information of employees.

Computers

Most information in an organisation is on computers, of course. This is another critical area for identity management. Organisations should control and monitor who accesses what on their computer systems. This helps ensure the security of data. It also protects staff. Without identity management, staff are open to accusations of seeing personal and confidential data that has nothing to do with their jobs.

Identity management on computers usually involves passwords and access levels. But running a system’s security on passwords alone may be inadequate. Some staff use obvious passwords; some don’t change the password from its default setting; others walk away from their screens and keyboards before logging out. A password system can leave computers less vulnerable to unauthorised access.

More effective identity management systems for computer access use biometrics. These include fingerprints, palm prints, face recognition, iris recognition and DNA. The problem, however, is that few organisations adopt these options.

In America, for example, the Government Accountability Office (GAO) reviewed federal computers. The GAO found that the FBI had a weak identity management system. According to the GAO report, the FBI did not identify and check computer users properly. It also failed to have sufficient safeguards that prevented unauthorised people gaining access.

Recommendations

Workplace security experts recommend an organisation has an identity management strategy. The purpose of the strategy is to introduce an identity management system that applies to all aspects of the organisation’s work.

To achieve this, the temptation is to use a software application. Experts advise caution, however. Software apps can lead to an uncoordinated strategy across a large organisation. The result is that people who wish to abuse the system can do so with relative ease.

Instead, experts suggest a centralised approach to identity management. Organisations should use a single place where an authorised officer can create, adjust and monitor individual and group identity accounts as necessary. The officer can also approve or deny access for staff who wish to use specific areas of an organisation’s computer system.

Closing an individual’s access when he or she leaves is also important. The failure to close an individual’s account is common. It can lead to gaps in the system that are open to exploitation.

Finally, users must understand an identity management system and its relevance to their work. Employers should arrange appropriate training. Some experts even recommend that employers re-issue identity management access to all staff once a year, and tie this in with refresher training.

Cost

Identity management clearly comes at a price. Employers must also put time and effort into the process. But the overriding benefit is secure working. Data remains confidential; thieves and hackers struggle to gain access to financial data; and staff feel more confident about their working environment.

You might also like...
Share Your Story, Join the Discussion or Seek Advice..
Why not be the first to leave a comment for discussion, ask for advice or share your story...

If you'd like to ask a question one of our experts (workload permitting) or a helpful reader hopefully can help you... We also love comments and interesting stories

Title:
(never shown)
Firstname:
(never shown)
Surname:
(never shown)
Email:
(never shown)
Nickname:
(shown)
Comment:
Validate:
Enter word:
Latest Comments
  • Joe
    Re: General Workplace Safety
    Can I be forced to put my belongings in a unsafe locker
    5 December 2019
  • Reddwalf
    Re: Criminal Background Checks: CRB & DBS
    Hi, I want to work as a nursery assistant, but a few years ago my daughter made a false allegation that I threatened…
    5 December 2019
  • Sunny
    Re: Safe Working Temperatures
    Iam heart patient and having high blood pressure issues and iam on medication 4 tabs a day and i work full time at night shift and my…
    5 December 2019
  • Chris
    Re: Can my Employer Fire Me?
    I've had a shoulder injury for 3 years that happened before I started employment at my current job. For this injury I've been…
    4 December 2019
  • Dave
    Re: Lead Poisoning: Causes and Prevention
    Hi, Can anyone tell me whether the lead shot that falls on the ground as a result of shooting clay pigeons, is…
    4 December 2019
  • Calling Out The Corr
    Re: Violence at Work
    How do HM Revenue & Customs get away with bullying and harassing staff ?
    4 December 2019
  • Fred
    Re: Sickness: Your Rights
    I have been with my employer for over 11 years now. For the last 2 months I've struggled on and off with sciatica. I have taken the last 2…
    3 December 2019
  • Steve
    Re: Employer Has Changed My Shifts: What Are My Rights?
    My employer has got me starting my first two days on nights then a day of rest then next three days…
    3 December 2019
  • Mr T
    Re: Guide to Your Rights When Working Alone
    If you are not using a lone worker devise and checking via say a raido, is there a maximum time limit to monitoring?
    3 December 2019
  • Anon
    Re: Violence at Work
    What about psychological bullying such as what I suffered for about a decade working for HM Revenue & Customs? A bullying manager sent her…
    2 December 2019