Seasoned CISOs perceive that supporting enterprise aims securely and successfully is a high precedence — a detailed second is to take action with out irritating customers. That was the case when Stephanie Franklin-Thomas was requested to allow a shifting host of greater than 100,000 frontline cleansing, parking, and constructing upkeep employees to clock in at world shopper websites and entry work sources.
As senior vp and CISO for amenities providers contractor ABM Industries, she determined to deal with three priorities for the gargantuan challenge: Make entry safe, meet enterprise necessities, and make it straightforward to make use of. The outcome was a easy system for frontline employees who scan QR codes on a shared Android gadget positioned on the shopper web site, have a look at the digital camera, and switch their heads back and forth to finish facial biometric authentication. The QR codes, issued at worker orientation, are printed on badges and won’t work with out stay facial recognition. It was a chic resolution to a doubtlessly huge roadblock to effectivity that was central to the corporate’s changing into a CSO 50 2023 honoree.
Franklin-Thomas says that attending to this stage did not come with out trial and error. Nor was it with out assist. Her senior director of knowledge security, Danyel Anderson, led the day-to-day efforts of the transformation alongside her, planning, deploying, troubleshooting, after which “developing with a brand new plan” when the primary check pilot proved too cumbersome for frontline staff members.
A giant authentication plan to satisfy huge enterprise necessities
As a part of ABM’s digital transformation, two groups — the technique and transformation staff and the know-how staff — got here up with an thought they referred to as Group Join so that each one workers, no matter the place they’re working, can entry timecards and different digital sources. Throughout planning, they introduced the cybersecurity staff to the desk and requested in regards to the necessities to help this entry.
“Generally it amazes me once I hear security leaders are nonetheless saying no to innovation when they need to be enabling it,” Franklin-Thomas says. “When ABM got here up with the Group Join idea, we stated completely. Simply have multifactor authentication. They thought they could not do it below the constraints we’ve, however then we confirmed them how.”
Since employees can be most affected by their security options, Franklin-Thomas and Anderson started by gathering enter from these on the entrance traces who would use the applying within the subject. “ABM is basically a service firm — janitorial, parking and transportation, landscaping, amenities engineering,” Franklin-Thomas says. “The frontline staff members at these websites are the middle of what we do. They want safe entry to their digital sources — time sheets, coaching, messaging, and extra.”