enterprisesecuritymag

2021 will be the year of flexibility and decentralization

Sven Haster, Senior Developer & Product Manager, Topicus KeyHub

Here at Topicus KeyHub we see that the world is changing and will continue to change to a more flexible mix of working from home and in the office. Even after the pandemic people will likely work from home more than they did in previous years and this flexibility in workspace in turn requires flexibility from companies and IT departments.

When people don’t see each other in the office everyday and communication largely happens asynchronously, traditional workarounds for sometimes bureaucratic and conservative internal processes don’t work as well as they used to. When employees keep running into issues with IT hardware and software they try to minimize the interactions needed, leading to shadow IT and overprovisioning “to be on the safe side”.

To avoid this, companies will want to move to more flexibility when requisitioning IT solutions, be that hardware, software or administrative tasks such as access management. In a world where team makeup and work schedules are flexible, the supporting IT infrastructure should be just as flexible.

We predict a greater focus and role for the teams to manage themselves, rather than centralized administration. This also includes required access: teams will be looking for ways to give everyone the access they need and to easily onboard, or offboard, team members.

Topicus KeyHub supports decentralized authorization, where teams are in charge of their own systems and authorizations and can easily give new people access. A team manager authorizes new team members with a few clicks for access to all required infrastructure. It doesn’t matter whether we’re talking ticketing systems and webcare accounts or admin-interfaces and SSH-shells, the team is in control. All access can be granted without having to go through a procedure with central IT complicated by a lack of direct interaction.

In 2021 we’re looking into leveraging social network-like practices, such as social discovery, to help our users’ interactions with KeyHub. For example, social discovery of teams during onboarding. Based upon who you’re working with, we can suggest what access you’ll likely need. This will be a huge boon during onboarding, which is always a bit of a bootstrapping process, by assuming you’ll likely need the same or similar access as your direct coworkers.

Another way we’re looking at the social factor is for situations where users have lost some of their credentials. Password or 2FA resets typically require action by a centralized administration or internal servicedesk, with some kind of procedure to doublecheck that it is really you who requests a reset and not an attacker. Such procedures are cumbersome, and become even more so when they have to be performed online, by people who have never met one another, may not have similar work schedules and might not have access to the same communication channels.

We’re looking into leveraging your coworkers to provide this confirmation. If enough of your direct colleagues say you are indeed looking to reset your access, you’ll get your reset. Your coworkers already have established communication channels with you which they can use to easily verify your request. There are real possibilities to improve UX via such ‘self-service’ functionality.