Tim Galligan, General Manager of EMEA Operations, SailPoint
The UK’s planned exit from the EU continues to impact the country’s workforce. Since the 2016 Referendum, concerns around the ability to do international business post-Brexit has driven many companies to re-locate their staff or review their UK workforce. To date, almost a third of Institute of Directors (IoD) members have cited plans to move some, or all, of their operations back to Europe as a result of Brexit.
EU citizens have also been caught up in the ‘Brexodus’ effect. Although a no deal immigration provision has been made, just one million of the three million EU citizens living in the UK have applied for settled status, according to the Home Office. While the 31st December 2019 application deadline may seem like the distant future, continued uncertainty of status will likely create even more movement in the job market.
As individuals finalise their plans for the future, a heightened need to hire, replace or re-locate staff is placed on businesses. This, in turn, is impacting IT departments who must ensure these staff changes are handled diligently.
Effectively managing and governing who is accessing sensitive company information and applications is crucial to ensuring that confidential data does not fall into the wrong hands or leaves the jurisdiction of the UK. When staff change is in a state of flux, ensuring that the right digital identities are assigned to the right employees should be a heightened priority.
Replace, relocate, reallocate
The initial Referendum decision triggered many organisations to start thinking more globally. That inevitably meant changes for some iconic British brands. Dyson, for example, announced it would relocate its head office to Singapore amid speculation that the country’s free trade agreement with the EU would make it easier to export goods. Aviva meanwhile, is moving £7.8B of assets to Ireland and Rolls Royce is cutting 4,600 jobs blaming Brexit related problems. Alongside this, foreign companies planned for a post-Brexit future. Credit Suisse, for example, moved the majority of its core bankers from London to other European financial hubs.
Many other organisations are awaiting the 31 January 2020 to find out whether the UK will leave the EU with or without a deal to act on their contingency plans. The car manufacturing industry, for example, had planned production shutdowns ahead of the 31 October 2019 deadline in case of a hard Brexit disrupting the supply chain for parts. Honda has already announced the closing of its plant in Swindon.
Ultimately, the fear still remains and has sparked concerns that the profile of the workforce could change at speed. The impact would immediately put pressure on IT departments to manage requests such as closing employee accounts and changing access rights to information. A structured Brexit withdrawal Agreement however would give organisations more time to plan the transition.
Managing Identities in 2020
The changes in the workforce will require organisations to pay careful attention to ensuring each employee’s digital identity is carefully governed. To achieve this, it is more important than ever for companies to have a secure identity policy. According to the 2019 Identity Report, only half of organisations (48%) currently have an identity programme in place. This places the burden on IT departments to foresee and prevent disgruntled employees or former contractors from keeping unwarranted access to confidential information. Managing this process manually is tough, it’s admin intensive, time consuming, and susceptible to human error.
Identity platforms are getting smarter. They can help govern the entire user life cycle, from the moment they join, as they move about the company through to when they depart. These solutions minimise data breach risks that arise from users with excessive or unnecessary privileges. With strong visibility into who has access to what, should they have that access and what is being done with that access, organisations can quickly spot unusual patterns of behaviour based on on the user’s profile and role with the company. If an employee is accessing or downloading large quantities of files or viewing materials that don’t align with their job function, a an alert can be automatically be raised.
The certainty of uncertainty
While we still don’t know whether Brexit will result in us leaving the EU with or without a deal, we do know that businesses must be prepared for change. Identity cannot be overlooked and has an important role to play in facilitating both continuity and growth. By controlling your identity, you have the opportunity to control your business destiny.