Home > Equipment & Environment > Identity Management: Safety at Work

Identity Management: Safety at Work

By: Kevin Watson MSc - Updated: 31 Jul 2015 | comments*Discuss
 
Identity Management Access Privacy

Identity management is a general term that refers to security at work. An identity management system, for example, ensures that individuals access only those parts of a building or computer system that apply to their jobs. Identity management also deals with the control of data. Since data is often personal, identity management helps safeguard privacy. These issues - work security, data control and privacy - affect everyone. And yet people don’t always realise the importance of identity management in their lives.

Office Building

To give an idea of identity management at its most basic, picture the floor of an office building. The plan of the floor shows rooms, corridors, a reception area, toilets, doors, stairwells and lift access.

Some of the rooms, as with any office, contain confidential files and other important data. The organisation that occupies the floor clearly doesn’t want the public to have unrestricted access to this. Furthermore, it wants its staff to go about their jobs without members of the public unexpectedly approaching them.

Staff must therefore have some form of code or card to access the floor. This type of access management allows staff to enter the areas where they work. It ensures the safety and security of staff and prevents unauthorised access to office equipment and confidential files. The organisation may also want to limit staff access to certain rooms. Once again, this may be for reasons of confidentiality. A code or card system can control this.

The point is, that access management is part of identity management. An organisation may only wish to allow a junior employee, for instance, to access the communal areas and the room in which he or she works. The organisation can control this with an access management system connected to each member of staff.

Harassment and Theft

The above may seem fairly obvious. Even so, some business premises do not have access management systems. Unauthorised visitors can harass staff. Thieves may enter a building intent on stealing. Such theft is serious. Thieves may want physical items such as printers. They may also be interested in business accounts, customer details and the payroll information of employees.

Computers

Most information in an organisation is on computers, of course. This is another critical area for identity management. Organisations should control and monitor who accesses what on their computer systems. This helps ensure the security of data. It also protects staff. Without identity management, staff are open to accusations of seeing personal and confidential data that has nothing to do with their jobs.

Identity management on computers usually involves passwords and access levels. But running a system’s security on passwords alone may be inadequate. Some staff use obvious passwords; some don’t change the password from its default setting; others walk away from their screens and keyboards before logging out. A password system can leave computers less vulnerable to unauthorised access.

More effective identity management systems for computer access use biometrics. These include fingerprints, palm prints, face recognition, iris recognition and DNA. The problem, however, is that few organisations adopt these options.

In America, for example, the Government Accountability Office (GAO) reviewed federal computers. The GAO found that the FBI had a weak identity management system. According to the GAO report, the FBI did not identify and check computer users properly. It also failed to have sufficient safeguards that prevented unauthorised people gaining access.

Recommendations

Workplace security experts recommend an organisation has an identity management strategy. The purpose of the strategy is to introduce an identity management system that applies to all aspects of the organisation’s work.

To achieve this, the temptation is to use a software application. Experts advise caution, however. Software apps can lead to an uncoordinated strategy across a large organisation. The result is that people who wish to abuse the system can do so with relative ease.

Instead, experts suggest a centralised approach to identity management. Organisations should use a single place where an authorised officer can create, adjust and monitor individual and group identity accounts as necessary. The officer can also approve or deny access for staff who wish to use specific areas of an organisation’s computer system.

Closing an individual’s access when he or she leaves is also important. The failure to close an individual’s account is common. It can lead to gaps in the system that are open to exploitation.

Finally, users must understand an identity management system and its relevance to their work. Employers should arrange appropriate training. Some experts even recommend that employers re-issue identity management access to all staff once a year, and tie this in with refresher training.

Cost

Identity management clearly comes at a price. Employers must also put time and effort into the process. But the overriding benefit is secure working. Data remains confidential; thieves and hackers struggle to gain access to financial data; and staff feel more confident about their working environment.

You might also like...
Share Your Story, Join the Discussion or Seek Advice..
Dear This is Mohammed Khaja HSE Officer, What are New Ideas to Decrease the Hazards Closing an individual’s access when he or she leaves is also important. to Injury after be Cut / Trip on the work side
FK Builder's - 31-Jul-15 @ 1:36 PM
Share Your Story, Join the Discussion or Seek Advice...
Title:
(never shown)
Firstname:
(never shown)
Surname:
(never shown)
Email:
(never shown)
Nickname:
(shown)
Comment:
Validate:
Enter word:
Latest Comments
  • Tamjp
    Re: Employer Has Changed My Shifts: What Are My Rights?
    I've worked for my employer 4 years it's a retail store I'm a single parent and i am available to…
    25 April 2017
  • Gem
    Re: Understanding Your Employment Contract
    I am contracted to work 35 hours a week as set out in my contract. Last few weeks I have only been given 20hours a…
    25 April 2017
  • Craig
    Re: Understanding Your Employment Contract
    I have been on sick for over a month and have just been and had a well being meeting with HR and a manager and been…
    25 April 2017
  • SafeWorkers
    Re: National Minimum Wage
    Ladyluck18 - Your Question:Are employers allowed to deduct money out of our wages for even small mistakes made at work? I.e.) a mixed up…
    24 April 2017
  • SafeWorkers
    Re: Zero Hours Contracts Explained
    Ladyluck18 - Your Question:All employees other than management are on national minimum wage at my place of work, we all are…
    24 April 2017
  • SafeWorkers
    Re: Workplace Injury Claim
    Jk1 - Your Question:Hi I wanted to know if anyone has any advice I was working for a company where we all had to wear safety shoes After a…
    24 April 2017
  • Shar
    Re: Exemptions to the Smoking Ban
    I work in an aged care facility, we are asked to take residents outside for a smoke, do we have the right to refuse?
    24 April 2017
  • Ladyluck18
    Re: National Minimum Wage
    Are employers allowed to deduct money out of our wages for even small mistakes made at work? I.e.) a mixed up for order? Our boss/manager…
    23 April 2017
  • Ladyluck18
    Re: Zero Hours Contracts Explained
    All employees other than management are on national minimum wage at my place of work, we all are classed as part time I guess…
    23 April 2017
  • Jk1
    Re: Workplace Injury Claim
    Hi I wanted to know if anyone has any advice I was working for a company where we all had to wear safety shoes After a few months my feet…
    23 April 2017
Further Reading...
Our Most Popular...
Add to my Yahoo!
Add to Google
Stumble this
Add to Twitter
Add To Facebook
RSS feed
You should seek independent professional advice before acting upon any information on the SafeWorkers website. Please read our Disclaimer.