How to Regain Control of Your Digital Transformation

The Covid crisis presented an opportunity for many companies to test their digital transformation. Telecommuting, network connections, data access, video conferencing. Security and compliance. Did you lose track along the way? Here is our take on how you can get it back.

When Covid-19 swept across Denmark in the spring of 2020, it brought along a huge wave of digitization across the board. In a very short amount of time, companies were forced to make changes to their existing digital set-up. Changes that, under normal circumstances, could have taken up to 10 years to implement. However, when 2ndC conducted a survey in the spring to explore how Danish companies had coped with the widespread transition to telecommuting in connection with the outbreak of coronavirus, it turned out that the vast majority of Danish companies had made the transition to working from home, generally without much difficulty. The digital transformation had exceeded all expectations. Is there really anything else to talk about at all? Is everything as it should be?

Not necessarily. As with any premiere, a hectic prelude preceded it. When most of the organization’s workstations suddenly logged on from home for the first time, the IT departments only had time to tend to the most necessary things. This meant that, even though the transformation itself went well, many IT departments over the past many months have been preoccupied with support cases and help-desk tasks.

It Is Time to Take a Step Back

Now that the dust has settled, it is time to regain control. Take a step back and look closer at applications, data and licenses. Employees who have left the company and employees who have joined. Get an overview of who actually has access to what, which licenses are in use and which ones aren’t. Not to mention, which applications have come along in the process.

Perhaps it is time to re-evaluate compliance in relation to GDPR, because the many employees telecommuting increase the risk of inappropriate handling of personal data and data leaks. To many companies with a lack of overview, it may even feel as if they have to choose between maintaining business efficiency or complying with the provisions of GDPR. However, that certainly doesn’t have to be the case.

Where do we go from here?

During the corona pandemic, many companies have discovered golden opportunities to increase employee satisfaction and save office square meters by making teleworking permanent. This underscores the importance of keeping track of IT security measures.

One of the best ways to get an overview of an organization’s IT security and digital transformation is by asking yourself three questions:

  1. Who has access to what?
  2. When do they have access?
  3. What does the employee have access to?

Let’s review them one at a time:

Who has access to what?

Do you manually decide which accesses each employee should be assigned? Do you copy accesses from others in similar positions? In that case, you may easily lose track of who has access to what. This, in turn, may lead to both over-licensing and lacking accesses, not to mention weakened IT security. In addition, keeping track of who has access to what data and when is one of the cornerstones of the EU’s GDPR. If you are able to answer this question, you will kill two birds with one stone and create a much-needed overview, which may be much less difficult to achieve than it sounds.

When does the employee have access?

When onboarding and offboarding, it is crucial to give the employee the access required from the first day, no matter if this is a new employee or an existing employee who has transitioned to a new position. However, it is just as crucial to close the accesses again when the employee leaves the company: Licenses that have not been closed cost companies hundreds of thousands of kroner each year, and “forgotten” accesses pose a huge security risk.

A smooth onboarding process helps to ensure the new hire a good start to the new job, which in turn, results in a satisfied employee, who will not only be able to start filling his or her new role to the fullest from the first day of employment, but who also, statistically speaking, is more likely to stay longer with the company. An automated identity and access control platform (IAM) can ensure the right accesses with a single entry and will ease the workload on the HR and IT departments.

The same process is used when the employee resigns; accesses and licenses are closed by entering a resignation date in a single user interface, no further action required.

What does the employee have access to?

Of course it matters if the employee has been assigned the right accesses. This is important not only for the employee’s efficiency and job satisfaction, but also for IT security. Too few accesses result in a frustrated employee who is not able to perform his or her tasks. Too many accesses result in weakened IT security that can be exploited by cybercriminals. Not to mention, unintentional access to sensitive personal data and information, which may constitute a breach of GDPR.

When it comes to access assignment, the best solution is to implement a role-based IAM system. In the long run, it is also the easiest option! A role-based IAM solution ensures the employee accesses based on the person’s position, work functions and department, etc. This eases the workload and creates an overview, both at the level of HR and IT.

Regain control of the digital transformation with 2ndC Compliance Suite

The sweeping wave of digitalisation that hit Denmark in 2020 compressed, so to speak, 10 years of digital development into one single year. From this perspective, it is not strange to feel that one might have lost track. Fortunately, there are tools available that will not only enable you to regain that overview, but will let you gain full control of the situation. If you have already guessed that one of those tools is called an IAM solution, then you did not read this article in vain.

2ndC Compliance Suite is one such solution. With 2ndC Compliance Suite you get, among other things:

  • Day One Access to all systems and applications.
  • All identity and access­management functionalities gathered in one place.
  • Full overview of master data.
  • Automated assignment of licenses and digital accesses.
  • Logon to access all person-related events in the organization’s IT systems.

If you are interested in learning how 2ndC Compliance Suite can get you back on track, download our demo video below:

 

Download Demo Video

Video: Download our demo video of 2ndC Compliance Suite to see how 2ndC Compliance Suite helps your organization manage your IT users and manage access to your IT resources.

2ndC
8 Kgs. Nytorv, 3
DK – 1050 Copenhagen K


CVR 16 98 77 35

+45 3164 3434
info@2ndc.dk