What IT Professionals Should Learn from Pope Francis’ Security Detail

With Pope Francis’ recent visit to the U.S., I was struck by how similar the challenges faced by the Pontiff’s Security Team are to those in enterprise IT today. Whether physical or cyber, security teams must protect their people from the threats against them.

Popemobile bulletproof

Let’s take a look first at why the challenges of protecting the Pope are, in fact, like those of protecting users from cyberthreats. In both cases, it starts with the physical boundaries in which these actors do their jobs. A little over twenty years ago, work for the most part was done in one place — at work. IT merely needed to protect the physical security of those buildings and the computers contained therein. While the Pope’s work was not contained to a single location, his security team would protect all of the physical locations where he worked. This included protecting him in transit while riding in his bulletproof and heavily armored car, the Popemobile.

popemobileFast forward to today, and compare that to Pope Francis, aka the “People’s Pope.” Pope Francis feels that to do his job he needs to interact with the people he visits and he can’t do that while enclosed in his moving protective fortress. Pope Francis prefers a more exposed Popemobile and often leaves the vehicle entirely to interact with the throngs of people who come to see him.

Protection must go further than physical boundaries

This phenomenon is very similar to what we have experienced in the world of IT and enterprise security in the same timeframe. Internet, mobile and SaaS have completely redefined the modern workspace. Physical borders are now irrelevant; users must be protected wherever they are and on whatever device they are using.

Francis’ security team consisting of the Swiss Guard, the Secret Service, and the local police had to adapt to secure his surroundings since they could not keep him in his car. To do so, they required parade-goers to provide tickets and pass though metal detectors just to line the processions. While total isolation (keeping the Pope inside the car, or not taking the trip in the first place) is more secure, that would greatly hamper the Pontiff’s productivity and effectiveness.

Similarly, IT teams need to adapt to protect users as they venture outside the secure confines of their corporate perimeter and embrace mobile and SaaS products. Sure, it would be easier for IT to say “no” to mobile and SaaS, but that wouldn’t be at all practical today. Instead, IT must take measures to adapt and protect their users while enabling them to be productive.

Modern security solutions enable productivity

While traditional enterprise security solutions came at the expense of user productivity, modern security solutions enable productivity. For example, Centrify Identity Service is an integrated single sign-on and mobile device management solution that improves end-user productivity and secures access to cloud, mobile and on-premises apps. While single sign-on is often viewed as a nice-to-have productivity feature, it’s actually an imperative for security. Bad actors look to do harm to the modern enterprise by stealing users’ identities to access the corporate network as an insider. SSO is not just about making it easy for a user to access their apps; it’s primarily a way to protect passwords. With Centrify Identity Service, corporate IT can eliminate the use of passwords entirely and enable users to login with a username and a known factor (e.g. OTP sent via SMS to the user’s mobile phone), or can protect the password by only allowing it to be entered after verifying the user identity (similar to the parade-goers need to provide tickets and pass through metal detectors).

Whether you’re part of the Pope’s security team or are responsible for corporate security, your job description is pretty much the same: protect your constituents and enable them to be productive. Security efforts should block the bad actors while liberating those it’s designed to protect to be productive. If you’re in IT and your solutions aren’t serving both needs, you should reassess what you’re doing.

To discover how a unified identity management solutions can help solve these security and identity challenges, read Top Six Things to Consider with an Identity-as-a-Service Solution.