Home > Equipment & Environment > Identity Management: Safety at Work

Identity Management: Safety at Work

By: Kevin Watson MSc - Updated: 31 Jul 2015 | comments*Discuss
 
Identity Management Access Privacy

Identity management is a general term that refers to security at work. An identity management system, for example, ensures that individuals access only those parts of a building or computer system that apply to their jobs. Identity management also deals with the control of data. Since data is often personal, identity management helps safeguard privacy. These issues - work security, data control and privacy - affect everyone. And yet people don’t always realise the importance of identity management in their lives.

Office Building

To give an idea of identity management at its most basic, picture the floor of an office building. The plan of the floor shows rooms, corridors, a reception area, toilets, doors, stairwells and lift access.

Some of the rooms, as with any office, contain confidential files and other important data. The organisation that occupies the floor clearly doesn’t want the public to have unrestricted access to this. Furthermore, it wants its staff to go about their jobs without members of the public unexpectedly approaching them.

Staff must therefore have some form of code or card to access the floor. This type of access management allows staff to enter the areas where they work. It ensures the safety and security of staff and prevents unauthorised access to office equipment and confidential files. The organisation may also want to limit staff access to certain rooms. Once again, this may be for reasons of confidentiality. A code or card system can control this.

The point is, that access management is part of identity management. An organisation may only wish to allow a junior employee, for instance, to access the communal areas and the room in which he or she works. The organisation can control this with an access management system connected to each member of staff.

Harassment and Theft

The above may seem fairly obvious. Even so, some business premises do not have access management systems. Unauthorised visitors can harass staff. Thieves may enter a building intent on stealing. Such theft is serious. Thieves may want physical items such as printers. They may also be interested in business accounts, customer details and the payroll information of employees.

Computers

Most information in an organisation is on computers, of course. This is another critical area for identity management. Organisations should control and monitor who accesses what on their computer systems. This helps ensure the security of data. It also protects staff. Without identity management, staff are open to accusations of seeing personal and confidential data that has nothing to do with their jobs.

Identity management on computers usually involves passwords and access levels. But running a system’s security on passwords alone may be inadequate. Some staff use obvious passwords; some don’t change the password from its default setting; others walk away from their screens and keyboards before logging out. A password system can leave computers less vulnerable to unauthorised access.

More effective identity management systems for computer access use biometrics. These include fingerprints, palm prints, face recognition, iris recognition and DNA. The problem, however, is that few organisations adopt these options.

In America, for example, the Government Accountability Office (GAO) reviewed federal computers. The GAO found that the FBI had a weak identity management system. According to the GAO report, the FBI did not identify and check computer users properly. It also failed to have sufficient safeguards that prevented unauthorised people gaining access.

Recommendations

Workplace security experts recommend an organisation has an identity management strategy. The purpose of the strategy is to introduce an identity management system that applies to all aspects of the organisation’s work.

To achieve this, the temptation is to use a software application. Experts advise caution, however. Software apps can lead to an uncoordinated strategy across a large organisation. The result is that people who wish to abuse the system can do so with relative ease.

Instead, experts suggest a centralised approach to identity management. Organisations should use a single place where an authorised officer can create, adjust and monitor individual and group identity accounts as necessary. The officer can also approve or deny access for staff who wish to use specific areas of an organisation’s computer system.

Closing an individual’s access when he or she leaves is also important. The failure to close an individual’s account is common. It can lead to gaps in the system that are open to exploitation.

Finally, users must understand an identity management system and its relevance to their work. Employers should arrange appropriate training. Some experts even recommend that employers re-issue identity management access to all staff once a year, and tie this in with refresher training.

Cost

Identity management clearly comes at a price. Employers must also put time and effort into the process. But the overriding benefit is secure working. Data remains confidential; thieves and hackers struggle to gain access to financial data; and staff feel more confident about their working environment.

You might also like...
Share Your Story, Join the Discussion or Seek Advice..
Dear This is Mohammed Khaja HSE Officer, What are New Ideas to Decrease the Hazards Closing an individual’s access when he or she leaves is also important. to Injury after be Cut / Trip on the work side
FK Builder's - 31-Jul-15 @ 1:36 PM
Share Your Story, Join the Discussion or Seek Advice...
Title:
(never shown)
Firstname:
(never shown)
Surname:
(never shown)
Email:
(never shown)
Nickname:
(shown)
Comment:
Validate:
Enter word:
Latest Comments
  • Jay
    Re: Can my Employer Fire Me?
    I have worked for this company for 3 years I'm contracted to do 25 hours per week and I have offered a couple of hours at weekends to…
    22 August 2017
  • Mr A.Davies
    Re: When Your Employer Changes Your Working Hours
    I am on an 18 hour contract starting at eight until twelve each day .I have been informed my hours dont…
    22 August 2017
  • Williamk
    Re: Understanding Your Employment Contract
    My husband is contracted for 20 hours per week ( stated in his contract) his employer is now saying that's 80 hours…
    22 August 2017
  • SafeWorkers
    Re: Food Safety and the Law
    Chef Vic - Your Question:What exactly uk law says about consuming food in industrial food preparation areas? (Eating in restaurants…
    22 August 2017
  • SafeWorkers
    Re: Age Discrimination at Work
    Marie - Your Question:I have worked for a small charity,25-50 employees for 13 years, always as one of two people in my section, the…
    22 August 2017
  • SafeWorkers
    Re: Understanding Your Employment Contract
    Becca - Your Question:I'm on a 6 hour contract, and have no specific days, although I've opted to work my 6 hours on…
    22 August 2017
  • SafeWorkers
    Re: What if Work Makes You Ill?
    Worriedworker - Your Question:Hi I hope someone can help me. I work in a store cafe and we have had no air conditioning for the…
    22 August 2017
  • Justice
    Re: Sickness: Your Rights
    I hurt my back was in servere pain so I rang in sick and advised my manager. I was asked if I was going to the doctor to get some stronger…
    22 August 2017
  • SafeWorkers
    Re: Employer Has Changed My Shifts: What Are My Rights?
    GG - Your Question:Hi I've worked the same night shift every Thursday and Saturday for over a year.…
    22 August 2017
  • Swifty
    Re: Sickness: Your Rights
    I've been signed off sick for past 2 weeks due to car crash and back problems. Been in regular contact with my place of work during this…
    21 August 2017
Further Reading...
Our Most Popular...
Add to my Yahoo!
Add to Google
Stumble this
Add to Twitter
Add To Facebook
RSS feed
You should seek independent professional advice before acting upon any information on the SafeWorkers website. Please read our Disclaimer.