Security News > 2023 > January > Enforcement vs. Enrollment-based Security: How to Balance Security and Employee Trust

Enforcement vs. Enrollment-based Security: How to Balance Security and Employee Trust
2023-01-03 14:09

An enforcement-based approach to security begins with a security policy backed by security controls, often heavy-handed and designed to prevent employees from engaging in risky behavior or inadvertently expanding the potential attack surface of an organization.

Most organizations exclusively use enforcement-based security controls, usually carried out at the network level with a Cloud Access Security Broker or a Security Services Edge.

The applications these tools don't support are often the riskiest because they don't meet common industry and security standards, including SAML for authentication and SCIM for user management.

Whether employees know it or not, unmanageable applications can negatively affect an organization's security and often create more work for technology teams.

What's the solution? A more practical and forward-facing posture that balances employee application choice and employer priorities such as security and compliance.

Employees should be able to choose their applications, and employers shouldn't worry about security.


News URL

https://thehackernews.com/2023/01/enforcement-vs-enrollment-based.html