The concept of zero trust has been heavily marketed by cybersecurity vendors recently, but that doesn't mean the principles are without value. A properly implemented zero trust strategy can significantly reduce the cost of data breaches. According to a study by IBM Security, organizations that adopt a zero trust approach can lower the cost of a breach by 43%. Given the high financial and reputational costs of data breaches, this is a valuable proposition for any organization.
But what does the intersection of zero trust, digital trust and employee trust look like in practice? To explore this question, we conducted research at Cerby and recently published a report titled The State of Employee Trust. We spoke with more than 500 employees across the globe to understand how employers can earn employee trust moving into 2023, and the results were illuminating.
Digital trust is an essential consideration in this context. According to ISACA, digital trust is the confidence in the integrity of the relationships, interactions and transactions among providers and consumers within an associated digital ecosystem. In other words, it’s the level of trust between parties in a digital environment. For organizations to earn digital trust, they must be transparent and accountable, protect data and privacy, and ensure the security and reliability of their systems and processes. Employees are a vital part of this interaction.
One key finding from our research was that applications are closely tied to how people get their work done and their job satisfaction level. Along those lines, 39% of employees said they would be willing to take a 20% pay cut in exchange for the freedom to choose the applications they use for work. This highlights the importance of giving employees autonomy in choosing the tools and technologies they believe they need to do their jobs well. Our research suggests that decision-making rights over which applications to use can contribute more to increased performance at work than financial rewards or positive feedback from superiors. By giving employees more control over the tools and technologies they use, organizations can foster a sense of ownership and engagement, leading to higher levels of job satisfaction, productivity and digital trust with consumers.
Unfortunately, many companies adopt a "block first, ask questions later" approach to security, which can erode employee trust and undermine the benefits of empowering employees to choose their own applications. In our previous research at Cerby, we found that 19% of employees ignore application blocks and continue to use the apps they prefer, despite such restrictions. This suggests that organizations should seek to balance high levels of trust in employees with zero trust principles for data, applications, assets and services (DAAS).
A more effective approach may be to adopt an enrollment-based approach to security that balances trust-positive initiatives like employee choice of applications with cybersecurity and compliance requirements. By adopting this approach, organizations can build digital trust with employees by giving them more control over the tools and technologies they use while still ensuring the security and reliability of their systems and processes for consumers.
But the benefits of building high levels of employee trust go beyond improved job performance and satisfaction. Our research found that 81% of employees felt increased energy, happiness, productivity and contribution when their employer demonstrated trust in them. High levels of employee trust can lead to many positive outcomes for the organization, including higher-quality products, continuous improvement and innovation. And in turn, these outcomes can drive growth and profitability for the company.
Given the clear benefits of building trust with employees, organizational leaders must take tangible steps to do so daily. This may involve giving employees more autonomy in choosing the applications they use for work, adopting a more enrollment-based approach to security (where there’s something in it for the employee to use a security control), and demonstrating trust in employees through actions and decisions. By empowering employees to choose their own applications and adopting an enrollment-based approach to security, organizations can build digital trust with employees and create a more positive and productive work environment.
To further build trust with employees, organizations should consider adopting a range of trust-positive initiatives. These may include providing ongoing training and support to help employees stay up to date with the latest tools and technologies, offering flexible work arrangements that allow employees to better balance their work and personal lives, and regularly soliciting and incorporating employee feedback into decision-making processes. By taking these and other steps to build trust with employees, organizations can create a more positive and productive work environment and drive better outcomes for everyone involved.
The intersection of zero trust, digital trust and employee trust is complex and multifaceted. By adopting zero trust principles and trust-positive initiatives, organizations can build digital trust with employees and consumers, create a more positive and productive work environment, and drive better outcomes.