Identity Security in the Workplace Has Never Been More Important

With digital transformation accelerating and remote work becoming the new norm, understanding identity security in the workplace is becoming even more critical. 

Happy young millennial colleagues having virtual talk
fizkes/Stock Adobe

Imagine this: After a video interview with a candidate for a remote job, they seem perfect. Confident. Capable. They check all the boxes, have a deep knowledge of the skills required for the position and demonstrate a genuine desire to grow with the company. When they show up for their first day of work, it turns out everything is a lie.

They do not know the skills required for the position and have no confidence or desire to grow. In fact, they look so different that it becomes apparent that they are not even the same person.

This may sound like the set-up of a reality-show prank to some or a high-stakes tech crime thriller for others, but candidate scams today are becoming less fiction and more fact and potentially more dangerous than ever. They also threaten a company's bottom line.

As a leader in a company that helps clients improve identity verification and fraud detection, I have seen how common sense combined with technology mitigates risk in today's digital world. These risks can turn into larger issues, like in the case of a 19-year-old self-proclaimed ISIS affiliate infiltrating a Zoom science lesson on climate change to threaten a university with an imminent bombing. Without more secure methods of identity authentication, stepping away from your laptop while remote working at a coffee shop can lead to a hacked computer or identity impersonation. With digital transformation accelerating and remote work becoming the new norm, understanding identity security in the workplace is becoming even more critical.

The Fake Candidate Scam

In late June, the FBI Internet Crime Complaint Center (IC3) put out a public service announcement warning anyone in a hiring position about an uptick in reports of deepfakes using false videos and voices to misrepresent themselves in an interview convincingly. They also mention rising rates of stolen personally identifiable information (PII) to apply for remote work and work-from-home jobs.

Particularly, they noted the heightened risk for positions with information technology, computer programming, database, and software-related job functions. These candidate scammers are applying for work that would give them access to customer PII, financial data, corporate IT databases, and/or proprietary information: Imagine what might happen if they made it into those positions to access it.

Posts on LinkedIn, Reddit and other social media sites cautioning others about these candidate scams garner comments sharing similar stories. Some even describe themselves as interviewees who recruiters attempted to persuade to be the face of interviews on behalf of other people, a practice the recruiters have admitted to engaging in.

Not all fake candidate scams are as nefarious as attempting to steal confidential information — some just want to land a higher-paying job that they may not be qualified for. Others may have a criminal background and may use fake IDs to hide their past and land a job. Even with a background check, companies should be sure they have the correct identity information to run that check on the right person.

Unless companies have the right technology to detect subtle differences in facial features that can escape the human eye, these fake, unqualified, potentially dangerous candidates can eventually make it onto their team and into their technology network.

A More Secure Onboarding Process

The right technology can do more than stop fake or high-risk candidates — it can simplify and improve the onboarding process. With identity verification software, ID documents and personal data can be transmitted through a highly secure application so employees can trust that their information is protected from threats. New, quality employees can authenticate their identity and enroll in company benefits with greater ease and security: No sending in IDs or paperwork full of PII through unsecured emails or third-party intermediaries.

With all the costs associated with onboarding and training a new hire, companies should consider investing in security measures that prevent interview candidates from getting so far into the process. Unless they can be sure of their coworkers' identity, there is a risk of exposure to a potential threat from an onboarded individual.

Next-generation Security for Everyday Business

Companies looking to update their technologies to improve identity security should start by performing an audit of their workplace tools and processes to determine areas of vulnerability in identity verification management. Review any written policies or protocols for identity verification and authentication during the interview and onboarding processes. Examine written policies as they relate to password management and security. Evaluate the identity verification tech stack and how well it has evolved with the move to remote work environments.

When companies are ready for the next step, leaders can identify the potential impacts of multi-factor authentication (MFA) with highly secure biometrics that can assist teams in reaching their goal of safer protocols:

No passwords, no password-based attacks. Password-based attacks can cost companies and individuals millions in losses from data breaches, ransomware and fraud, so replace login credentials with biometrics matched to digital identity.

One sign-on for all applications. Simplify access management across multiple applications, like Slack or Teams, with single sign-on (SSO). Instead of entering unique usernames or passwords for each one, SSO makes all workplace programs easier to use with faster access.

Automate the workflow and alleviate administrative overhead. Instead of keeping password lists that could be easily compromised or wasting time getting locked out when you forget, facial biometrics can scan an individual's face and allow them into their account in seconds.

With technology and remote work increasing the use of digital tools to run a business, leaders should be reviewing security solutions to keep up with the changing workplace. Increasingly, international institutions with sensitive personal information — banks, governments, even universities — may call all-hands-on-deck conference calls, bringing together thousands of people from all over the world. This presents a risk unless leaders can ensure that those logging in are those who should be there — otherwise the risk can turn into reality.

I believe identity security in the workplace has never been more critical. I also feel that anyone in human resources, onboarding, or access management roles should know the rising risk in this new remote environment. The more aware team members are of these potential security risks, the better they can be at securing themselves against them.

The Newsweek Expert Forum is an invitation-only network of influential leaders, experts, executives, and entrepreneurs who share their insights with our audience.
What's this?
Content labeled as the Expert Forum is produced and managed by Newsweek Expert Forum, a fee based, invitation only membership community. The opinions expressed in this content do not necessarily reflect the opinion of Newsweek or the Newsweek Expert Forum.