Zero Trust is popular because it works. It is ideal for securing data, applications, assets, and services (DAAS). IBM Security found that when a Zero Trust strategy is appropriately implemented, it reduces the cost of breaches by 43%. This is amazing…however, what does a Zero Trust strategy do for employee satisfaction and trust? We set out to answer this in our latest research, The State of Employee Trust.
We spoke with over 500 employees across the globe to discover the most practical ways employers can gain employee trust moving into 2023, knowing how critical this is for employee happiness, workplace satisfaction, and retention. We were surprised by the results. If empowered to choose the applications they use for work, 39% of employees said they would be willing to take a 20% cut in pay. This finding sheds light on what many employers fail to realize: applications are intimately tied to how people get their work done and their job satisfaction level. This begs the question: if employees care so much about choosing the applications they use for work, why do so many companies take a “block first and ask questions later” approach?
Our research indicates that this mentality pervades most security and IT teams. Despite Shadow IT spending representing over 50% of enterprise IT outlays and many applications falling into the ‘unmanageable’ category (no support for standards like single sign-on (SSO), passwordless authentication, or security APIs), security teams feel they can block their way into security. But this isn’t working, and it’s destroying employee trust at a time when it may be needed most.
Here are the key takeaways from our research:
- Employee freedom to choose applications builds human trust
39% of employees said they would take a 20% cut in pay for the ability to choose the applications they need to accomplish their goals at work. Most employees associate autonomy in choosing the tools and applications they need to do well with elevated levels of job performance, job satisfaction, and happiness. Decision-making rights over which applications to use contribute more to increased performance at work than financial rewards and positive feedback from superiors. - Zero Trust policies are only for applications and data, not human relationships
19% of employees immediately ignore application “blocks” and still use the applications they want, according to our previous research, State of Employee Choice. Organizations should seek to balance high trust in employees and Zero Trust principles for technology. Attempting to rely on security tools that prevent employees from using anything but IT-sanctioned applications continues to fail as employees ignore the rules or find workarounds to imposed policies. - High employee trust yields better outcomes for everyone
81% of employees felt increased energy, happiness, productivity, and contribution when employers demonstrated trust. Every organization should aspire to a high trust relationship with employees because the most sought-after outcomes in organizational life flow from high levels of employee trust. Higher quality products, improved innovation, and increased growth and profitability for the company are vital outcomes where high trust is demonstrated toward employees.
The research calls for a new enrollment-based approach to security that balances trust-positive initiatives like employee application choice with cybersecurity and compliance requirements. Organizations must explore solutions that solve every company's challenges with unmanageable applications–manual user provisioning and deprovisioning, no support for corporate identity providers like Okta and Microsoft’s Azure AD, and no support for passwordless authentication. Solutions exist that successfully solve these challenges with an enrollment-based approach. Employees are willing to self-enroll in these solutions because they eliminate critical security tasks like managing passwords and access and make employees more productive, allowing them more freedom and flexibility without creating new risks —a win-win for security, IT teams, and every employee.
The bottom line is clear for leaders who want to build high-performance organizations for shareholders and employees: Zero Trust is only for applications and data, not employees. Organizational leaders must take tangible steps to build trust daily if they want the highest quality products, continuous improvement, and innovation.
The full report covers the topic in much more detail, along with actionable steps that can be taken, so be sure to download it. Employee trust and security are topics we are passionate about at Cerby. That’s why we’ve created the world’s first security platform that discovers new applications, eliminates manual security tasks like employee offboarding, and addresses misconfigurations like disabled 2FA while increasing employee productivity and trust.