banner

Thales Blog

How to Protect Your Systems from Unauthorized Access This Holiday Season

November 25, 2021

Danna Bethlehem Danna Bethlehem | Director, Product Marketing More About This Author >

Many retailers and shipping services are planning to hire temporary workers for the upcoming holiday season. In the beginning of September 2021, for instance, UPS announced that it was expecting to hire over 100,000 essential seasonal employees “to support the anticipated annual increase in package volume” during the holidays. It was approximately a month later when Amazon revealed its intention to hire 150,000 seasonal workers to keep up with the holiday shopping rush. That’s 50,000 more seasonal employees than the retailer brought in at the end of 2020, noted CNBC. In addition to UPS and Amazon, Walmart said it was recruiting 150,000 people, Target was looking to take on 100,000 seasonal workers, and FedEx was seeking to bolster its holiday workforce by 90,000, per Newsmax.

Seasonal Workers Come with Perennial Security Risks

Clearly, seasonal workers are essential to the holiday operations of many different types of organizations. But those same employees also pose a security risk. That’s because their access to business assets threatens to disrupt organizations’ vital business functions in the wrong hands.

This raises an important question: how are retailers, shipping services, and other organizations planning on protecting their systems from unauthorized access during this holiday surge of temporary and frontline workers?

Many organizations already have robust authentication solutions in place for their permanent workers. But the reality is that those solutions might not apply to seasonal workers. That’s a problem particularly when it comes to onboarding and off-boarding employee access. Seasonal employees need to be on-boarded quickly and smoothly. This can be challenging when they are likely not registered in the company’s standard employee user store. They also need to be off-boarded efficiently. Indeed, Security Roundtable clarified that instances where seasonal employees still maintain access to protected systems and relevant data after leaving a company constitute “a major cybersecurity risk.”

Not surprisingly, the risks have a financial impact on organizations. In the retail sector specifically, a data breach cost organizations an average of $3.27 million in 2021, according to IBM’s Cost of a Data Breach Report 2021. That’s 62% higher than it was a year earlier.

How to Address the Security Risks Posed by Seasonal Workers

Retailers, shipping and logistics companies, and other organizations can take multiple steps to mitigate the risks posed by seasonal workers by ensuring they have the right access security in place. First, a strong and efficient access management and authentication solution should be a strategic choice based on the Zero Trust principles. Efficient access management means balancing great user experience with a continuous authentication which evolves with the changing risk environment to reduce any security gaps. . Secondly, they can use authentication and access security solutions that automate user onboarding and provisioning. In this regard user self-service and self-enrollment is critical to reducing friction and IT overheads.

Thirdly, organizations need to make sure that the authentication method is suited to the context and situation of the employees. For example, temp employees will likely not want to user their private mobile devices as an authenticator device; some environments may be hands free also precluding the use of mobile devices. Some employees may be using shared terminals. With this type of variety in user context, a ‘one size fits all’ approach to authentication may not be the best approach. On the contrary, it would be preferable to ensure that any solution implemented can support a range of authentication methods to suit diverse use cases.

From there, organizations can restrict the levels of access that they give out. Security teams can use the principle of least privilege to limit access to systems which are necessary for seasonal employees to do their jobs. Infosec personnel can layer on additional security controls such as network monitoring and various levels of authentication, including multi-factor (MFA). These measures can help provide visibility into potential instances of misuse on seasonal employees’ accounts as well as make it more difficult for malicious actors to compromise those accounts.

Finally, security teams need to collaborate with hiring managers and other key stakeholders to configure their access security solution to revoke the permissions of seasonal workers. Simultaneously, they can use it as an opportunity to review the access rights of employees whom they might consider transitioning into permanent positions.

Securing a Partner for Holiday Seasons to Come

The above security recommendations depend on a solution’s ability to integrate neatly with an organizations apps and services and support a broad range of authentication methods. Additional partnerships can further extend the capabilities of an IAM platform. For example, the Thales SafeNet Trusted Access integration with Cortex XSOAR helps organizations orchestrate security responses across an environment. This partnership helps security teams to detect suspicious activity on their accounts in support of stronger access policies. With automatic alerts and access management workflows orchestrated across more than 750 third-party integrations, security teams can increase their response efficiency and productivity. This is crucial for infosec personnel to minimize the risks associated with seasonal employees, all while making the holidays a success for the business.

Learn how you can use Thales SafeNet Trusted Access integration with Cortex XSOAR to streamline your organization’s access management processes.