Securing work that can’t wait: Lessons from the frontlines and critical industries

Learn how three organizations in critical industries are rethinking identity, shared mobile devices, and vendor access to keep essential work frictionless and secure.

Healthcare, manufacturing, and public safety sectors operate under intense pressure: limited resources, strict regulations like HIPAA, CJIS, and CMMC, and an evolving threat landscape. Ransomware attacks on U.S. critical infrastructure increased 9% in 2024, with healthcare and manufacturing among the most targeted sectors. What’s more, the cost of downtime from cyber incidents now averages $49 million and 75 days to recover, having a significant impact on operational continuity.

When taking steps to address and enhance cybersecurity, these organizations face intense security friction. Long, complex passwords, cumbersome authentication, and inconsistent access controls can create inefficiencies and non-compliant, vulnerable workarounds that pose risks, underscoring an urgent need to strengthen security without slowing the pace of essential work.

Identifying the problem: Legacy architecture, disorganized device sharing, and third-party risk

Legacy technology is one of the biggest barriers to secure, efficient work in critical industries. Many organizations still rely on aging on-premise systems and hybrid cloud environments, creating vulnerabilities that cybersecurity threats can exploit. In manufacturing, 50% of organizations continue to use Operational Technology (OT) assets that are more than 15 years old, making patching and access control difficult. In healthcare, legacy systems hinder evolving workflows and heighten cybersecurity risks, making it harder for clinicians to deliver care.

Shared workstations and mobile devices also introduce friction. Clinicians lose an average of 45 minutes per shift to logins, device resets, and manual provisioning, creating delays that frequently drive workarounds such as credential sharing. Frontline workers in manufacturing experience similar inefficiencies on shared terminals, as do first responders and workers in public safety settings requiring robust security measures. This contributes to user fatigue and compliance concerns, especially when staff employ rogue workarounds to share devices (like sharing login credentials), complicating usage statistics and introducing disorganization for IT departments servicing and provisioning devices for organization use.

Third-party access adds another layer of risk. Vendors supporting cloud-based applications and operational technology often access environments through shared credentials or VPNs, leaving IT with limited visibility. Research shows that 47% of organizations experienced a third-party breach in the past year, a clear signal that unmanaged or excessive vendor privileges remain a security and operational blind spot.

The solution: Usable lessons from frontline work

Many organizations are approaching these challenges by rethinking identity and access as the backbone of secure, efficient work. Here are three practical lessons based on their experiences:

Lesson 1: Modernize authentication to keep pace with critical work

The shift away from passwords is key in enhancing security and efficiency. At Hamilton County Sheriff’s Office, outdated passphrases were still vulnerable despite being 20 characters long, prompting the agency to rethink authentication entirely. The agency’s move to badge-tap access eliminated the need to remember complex login information, reducing password fatigue across 900 users and 1,200 devices while aligning with CJIS requirements, demonstrating how stronger security and faster workflows can coexist.

In manufacturing, shared logins can create both operational and security challenges for critical supply chain environments like factory floors. A large U.S. manufacturer reported that a single password-related lockout on a shared workstation could cost the company hundreds of thousands of dollars in downtime. By rethinking authentication and adopting fast, consistent access methods like proximity badges for single sign-on (SSO) and multifactor authentication (MFA), the organization eliminated delays and strengthened accountability on the production floor—an essential step as legacy and OT systems intersect with cloud-enabled workflows.

Lesson 2: Build secure, efficient mobility around identity and access

Healthcare organizations are increasingly dependent on mobile communication and documentation, but without unified identity management, shared mobile programs can quickly become risky. Mackenzie Health experienced this firsthand as shared iOS mobile devices became central to clinical communication, patient access, and electronic health record (EHR) workflows. Without a consistent approach to identity management, provisioning and deprovisioning, and governance, devices required frequent reconfiguration, introduced protected health information (PHI) exposure risks, and placed significant strain on IT.

By redesigning mobile strategy around identity, the organization was able to deliver fast, secure, role-based access for every clinician, across every shift. Automating checkout and check-in meant clinicians received a personalized workspace within seconds, while IT gained real-time visibility into device use and location – making proof of concept for compliance that much easier. This shift improved clinical efficiency, reduced device loss, minimized privacy risks, and reduced IT burden, enabling shared mobile programs to scale effectively.

Lesson 3: Close the third-party access gap before attackers exploit it

As third-party involvement in data breaches nearly doubled from 15% to 30% this year, growing reliance on vendors has made structured, auditable access a strategic necessity, especially in critical industries like public safety, healthcare, and manufacturing. For example, the Regina Police Service needed to provide both internal staff and third-party vendors with fast, secure, and transparent system access while meeting strict compliance standards. By utilizing vendor privileged access management (VPAM) solutions, they reduced vendor support times “from hours to minutes” and gained full transparency into external network activity.

Healthcare organizations face similar challenges, often with even greater consequences. Sky Lakes Medical Center, recovering from a ransomware attack, found that generic accounts and unmonitored VPN access left them exposed. Adopting VPAM enabled the organization to enforce MFA, record vendor sessions, and ensure precise, time-bound access. Sky Lakes reduced vendor onboarding from two days to two hours, resulting in an 88% improvement across IT efficiency and productivity. By focusing on closing the privileged access gap, organizations can effectively strengthen security measures to protect data and demonstrate compliance, proving that third-party access is an essential component for modern cybersecurity resilience.

The takeaway: Security becomes transformative when it removes friction

Organizations that achieve the greatest impact from their cybersecurity and IT investments are those that approach security as an enabler of frontline work, not an obstacle to it. These experiences show that in critical industries, securing work that can’t wait requires rethinking identity and access management as the foundation of safe, resilient, and efficient business operations.

To learn more about how these and other organizations are tackling similar challenges, read our case studies and success stories.