In this ESG360 Video, ESG's Mark Bowker and Jon Oltsik discuss how corporations should think or act differently to protect a corporate identity.
Read the related ESG Blog: Why Companies Need to Protect Their Employees’ Corporate Identities (Video)
Mark: Hi everyone. I'm back with my good friend, Jon Oltsik today on our favorite topic of lately, identity, again. So Jon, here's a scenario. I see a lot of people out there looking at their personal identity and doing things to protect it. How should corporations think, or potentially act differently to protect a corporate identity? Meaning, though, a user name, password of that employee that's accessing corporate information?
Jon: Yeah, so we're seeing some of that, Mark. We're seeing some of it on a corporate basis, but I'd say where we're seeing it most, to protect the identities of key employees. And so this is sometimes called your digital shadow, so every place that you touch online, you leave a little bit of data there. So how do you protect that? And then there's also fraud, and identity theft, and things like that. So if I want to compromise the integrity of your company, why don't I impersonate your CEO as doing some nefarious thing? Or create some shadow website that's like a phishing site that looks like your site. And so companies need to look across the board as to what their employees are doing, who they are, protect their reputation. There's some great companies emerging out there, service providers to help do that.
Mark: Yeah, and some of it, too, is what they're accessing, as well, right? I mean, you're going to have certain employees that are going to access what I'd say, highly confidential data, where you may do things differently to those employees than you would somebody who's doing what I'd say just corporate email, for example, right?
Mark: They may look at it differently. So, Jon, you're also seeing where it may make sense to protect certain individuals identity, meaning somebody that's accessing highly classified information would be a more logical sense. I am seeing a little bit where HR is stepping in and they're having some ability to offer a benefit to protect the employee's identity. So that's kind of interesting. I'd see it more as being offered then buying into it or companies necessarily paying for that benefit. So it's an opt-in type of benefit.
Jon: Yeah, opt-in is a good thing because it gives somebody the opportunity to assess if that policy or if that service is a good fit for them. Often times, it is. Often times, it has perepheral benefits and people are much more sensitive, especially if they're senior people, about their privacy.
Mark: Sure, that's a good point.
Jon: So there's a balance between my security online, but also the privacy of the data, as you said. And that's an important consideration.
Mark: Good. I think you'll see more from Jon and I on this exact topic and I think the way we'll look at it certainly is just what you said there, Jon. The balance between the privacy and their employee, their personal experience mixed with their business experience. So stay tuned.