What is intranet security? Top 5 considerations are; anonymous access, integration with active security groups, keeping control of social, support for temporary or volunteer staff and preventing misrepresentation.
When evaluating different intranet software providers, prospective buyers often overlook a key component: intranet security. As the Product Manager here at Intranet Connections, I am here to remind you that intranet security should be top of mind when evaluating intranet software providers. Below are my top 5 key intranet security considerations you should keep in mind when searching for the perfect intranet solution.
To learn more about these top 5 key intranet security considerations, watch the ondemand version of our Managing Intranet Security webinar.
In smaller organizations, granting anonymous access isn’t a problem. Every user must log into the intranet to gain access. For larger organizations, this can be an issue. For example, in healthcare organizations, you may have one computer on the floor that is shared by all nurses. While you could require each nurse to log in separately, this can cause issues in practice, such as:
If you have any type of shared computers, ensure that any intranets you are evaluating have the ability to allow for anonymous access to less sensitive resources. Because anonymous access doesn’t require authentication, having an intranet accessible only within the building is important and provides greater security.
Much of the time, security can be applied based on a user’s particular department or roles. For instance, only bank tellers should be to access the bank teller procedures. Hopefully, membership in various departments or roles is already defined in your Active Directory. Ensure any product you are evaluating can import and update these groups from Active Directory. If it can’t, you will have to manage security group membership in both the intranet and Active Directory, which is time-consuming and can be error-prone.
We all instinctively know that what you can say in the breakroom is a lot different than what you can say in a management meeting. However, this social context is often lost in the intranet. If you are planning to use the intranet to increase employee engagement, ensure you can use security to set up “safe places” in the intranet for discussion and comments, limiting how far conversations can travel. This applies to all social features in the intranet, including blog posts and comments, Discussion Forums, and Message Boards.
Before choosing an intranet product, think about the types of staff you have, and how they will access the intranet. While the majority of your users may login to the intranet using their Windows credentials (managed by IT), do you have temporary staff who aren’t in Active Directory? For instance, if you often bring in temporary staff or volunteers, you’ll want the ability to create them temporary logins to the intranet, without needing to go to IT to create them an official Active Directory account. To support both Single Sign-On for permanent staff, but still allow temporary staff to login in, ensure the intranet product you choose allows for both Windows logins and Form-based logins at the same time.
Also, don’t forget about costs. Many intranet vendors charge you a month fee per user, regardless of if they are full-time permanent staff, or part-time volunteer/temporary staff. Don’t forget to account for these temporary staff when pricing out your intranet.
This is something most people don’t think about until after choosing an intranet product, but can be critically important. You want employees to be able to update their personal information, like phone numbers, skills, and interests in the intranet, but other fields, like title and picture must be locked down. Understand the security implications of staff being able to change how they are represented in the Employee Directory, and ensure any product you choose has the ability to restrict access to employee fields if this is a concern.
Intranet Connections has plenty of experience helping our customers deal with their security issues, with many unique features added over the years. If your intranet security concerns go beyond what other products can offer, we’d love to hear from you in the comment section below.