Zero Trust is popular because it works. It is ideal for securing data, applications, assets, and services (DAAS). IBM Security found that when a Zero Trust strategy is appropriately implemented, it reduces the cost of breaches by 43%. This is amazing…however, what does a Zero Trust strategy do for employee satisfaction and trust? We set out to answer this in our latest research, The State of Employee Trust.
We spoke with over 500 employees across the globe to discover the most practical ways employers can gain employee trust moving into 2023, knowing how critical this is for employee happiness, workplace satisfaction, and retention. We were surprised by the results. If empowered to choose the applications they use for work, 39% of employees said they would be willing to take a 20% cut in pay. This finding sheds light on what many employers fail to realize: applications are intimately tied to how people get their work done and their job satisfaction level. This begs the question: if employees care so much about choosing the applications they use for work, why do so many companies take a “block first and ask questions later” approach?
Our research indicates that this mentality pervades most security and IT teams. Despite Shadow IT spending representing over 50% of enterprise IT outlays and many applications falling into the ‘unmanageable’ category (no support for standards like single sign-on (SSO), passwordless authentication, or security APIs), security teams feel they can block their way into security. But this isn’t working, and it’s destroying employee trust at a time when it may be needed most.
Here are the key takeaways from our research:
The research calls for a new enrollment-based approach to security that balances trust-positive initiatives like employee application choice with cybersecurity and compliance requirements. Organizations must explore solutions that solve every company's challenges with unmanageable applications–manual user provisioning and deprovisioning, no support for corporate identity providers like Okta and Microsoft’s Azure AD, and no support for passwordless authentication. Solutions exist that successfully solve these challenges with an enrollment-based approach. Employees are willing to self-enroll in these solutions because they eliminate critical security tasks like managing passwords and access and make employees more productive, allowing them more freedom and flexibility without creating new risks —a win-win for security, IT teams, and every employee.
The bottom line is clear for leaders who want to build high-performance organizations for shareholders and employees: Zero Trust is only for applications and data, not employees. Organizational leaders must take tangible steps to build trust daily if they want the highest quality products, continuous improvement, and innovation.
The full report covers the topic in much more detail, along with actionable steps that can be taken, so be sure to download it. Employee trust and security are topics we are passionate about at Cerby. That’s why we’ve created the world’s first security platform that discovers new applications, eliminates manual security tasks like employee offboarding, and addresses misconfigurations like disabled 2FA while increasing employee productivity and trust.