The human face of the workplace A world without users? “Automation”, “DevOps”, “Robotic Process Automation” (RPA), bots, chatbots and other robots, “artificial intelligence” (AI), … According to some people, users will disappear from the scene: the omnipresence of computing, called “digital”, will eventually replace them, do everything for them, and even do more and better than they do. Clearly, as the French song goes, “we are very little things, …”. Will dematerialization go so far as to dematerialize the user? Is there anyone still behind the screen? Should we still worry about the user experience if the user disappears from our organizations? Of course, this phenomenon is happening and its magnitude has never been greater. And at the same time, there have never been so many applications designed for users (just look at the screens of our smartphones), there have never been so many users of digital applications (native or actual). Digital, as a user experience, has invaded our lives, both professional and personal: and we expect the same digital experience at home and at work (“B2C-B2B convergence”). So there is always a user behind any workplace, and this user is a person: a big challenge resides in this interaction with the digital part of his workplace. The end user : an end! This user is each one of us. And, let’s face it, our hearts balance between attraction and fear. We are attracted by the potential of this (r)evolution that transforms our lives: we want to participate to it, and in organizations, the users who adopt these new technologies and new uses are even more and more the actors and decision makers of change, even of disruption. And at the same time, we fear the potential of this digital pressure that is invading us, and from which we want and should protect ourselves. Protection of personal data, the right to disconnection, the right to oblivion, awareness of the carbon footprint, balance between personal and professional life, etc. If we consider computer science as a scientific progress, it cannot avoid the tensions caused by any “progress” of this type, by reminding us the purpose of our humanity: “technology is made for people and not the opposite.” The digital desktop : a natural extension of our professional activity ? This tension is obviously present in the company or in any organization, between the opportunity provided and the pressure exerted by the digital. The opportunity is clear and obvious, and in all sectors – not just the tertiary sector. It is reflected in new business models, such as platforms, transforming ecosystems. We no longer know where to place certain aspects of digital, on the value side or on the constraint side, on the opportunity side or on the pressure side, as control and regulatory compliance, on the one hand, and productivity and operational efficiency on the other. It’s all about balance. Some recommendations from security organizations sometimes generate such demanding requirements that it is not easy to find operational solutions within the company. Some digital productivity solutions are a nightmare for their users – “starting the computer, finding and launching the right application, entering the right password, understanding the user experience of the application”, is not always natural for some professions (in the fields, in factories, in hospitals, at the counter, etc.). Too often, staff are in a kind of submission to the digital technology offered to them: it would rather be for the digital desktop to be like a natural extension of their professional activity. The four pillars of the human face of the digital desktop There are many aspects to consider in building a digital desktop that will be attractive to users. We have chosen four of them, and it is the consolidation of the whole that will contribute to give a human face to the workplace. Who is the user? The first pillar is the identity of users. It is the cornerstone of any digital experience. The Gartner also says it is the “new security perimeter” (Felix Gaehtgens, at the first edition of our betterWE event, “for a better Workplace ExperienceOverall experience of an employee within an organisation. Workplace experience is an approach that focuses on the employee, the technology he or she uses and the culture of the company in which he or she works, in order to improve working conditions. The digital ecosystem, with its innovative and constantly evolving web tools and applications, has a major impact on the workplace experience. In particular, it allows, within an organization, better flexibility and communication between employees, including teleworkers. For management, it is also a matter of building employee loyalty and improving productivity. In other words, the purpose of the workplace experience is not to increase the number of digital tools used by employees, but to place technology at the service of people to improve their experience of the work environment....”). First of all, we think of the employees of a company or organization: but there are also people working for customers, suppliers, partners, anyone participating in the ecosystem. The user’s identity goes far beyond his identifier! It’s about who’s behind or in the office. It is a question of knowing the context in which the person accesses the application: a consultant who works with several clients will have different identities, depending on the relationship he has with each of the organizations he is collaborating with. The identity will lead to authenticationPrimary or secondary authentication Authentication allows a user to guarantee his or her identity before accessing a resource or service. Primary authentication will give user access to the workstation (Windows login). Several authentication modes can be made available to users: login and password, smart or contactless cards, biometrics, mobile ... To classify an authentication mode it will be enough to rely on the principles of the 3 factors: "What do I have? ", " What do I know? ", " Who am I? ». The answers provided to these questions make it possible to say for a given authentication method whether it is "simple" or "double" factor. Secondary authentication is the access of a user to an application from an open session on a workstation. The application can be of any type: web, client-server, local to the workstation or external......, i.e. the verification that the user is who he claims to be. Often, this authentication is carried out using passwords, which have become a real nightmare for users and organizations, especially for security managers. We can’t wait for a world where the user doesn’t have to worry about passwords anymore! And this authentication is not limited to a first and unique control: who tells me that it is always the same user behind his screen after a quarter of an hour, an hour …? A transparent, natural and continuous user authentication would facilitate the life and experience of users. The user … of what? Applications are the second pillar. The application is the virtual worker’s tool. Some worker’s tools will never be available in the form of applications! But from now on, most of the worker’s tools will propose an application or an application complement to the tool itself. Applications are the purpose of the digital world – with or without a user. These applications run on various computers or equipment: on the user’s equipment (desktop, laptop, tablet, smartphone), on another computer or equipment than the one used by the user (a server – cloud, object – IoT), or a combination of both, in various architectures (“client-server”, “web”, “mobile app”, “agent”, etc.). From the user’s point of view, the application must be available and responsive. In such applications, the user is often associated with an “account”: it is a matter of pre-provisioning users and their accounts in order to make users’ access to their applications as transparent as possible. The user only sees the “man-machine interface” or “user interface” in the application: the user experience of this interface is one of the most human challenges of digitalization. With the centralization of data centers in the cloud and the quality of the networks, it is often only this interface which “runs” on the user’s equipment, thanks to virtualization technologies, sometimes also called “interface offset.” The human experience of using applications then depends strongly on the quality of this virtualization. In digital business, it is no longer the user who goes to his workplace, but his workplace which comes to him. Access rights The question that comes naturally after these two pillars is: who has access to which application? We are talking about access rights, or entitlements : this is the third pillar. Despite appearances, a problem that seems simple is actually very complex. Because real business situations are complex and difficult to translate into entitlement representation models. The concepts of “group” or “role” have been extensively used to simplify this management: but experience shows that they are insufficient to represent the real situations of our organizations and ecosystems. The complexity is due to several factors: the heterogeneity of applications in terms of how they manage access rights; staff turnover or organizational changes that constantly modify access rights; the need to ensure that actual rights in systems correspond at all times to the rights expected by the business; etc. Among users, there are some with more privileges than others! They are called “privileged users.” For example, these users create other users and grant them rights. Or they configure infrastructures and applications for other users. As a counterpart for their privileges, they agree to be monitored. Managing these privileged users is essential: if someone manages to usurp their identity, for sure the company will make the headline news. Users’ rights may also vary depending on the circumstances of use: access to your applications will be restricted for outsourcing staff, for example. All these situations are part of the daily business reality: the more transparent the access to his applications is for the user, the more he can concentrate on his job and his activity. Access infrastructure Every company wants to allow all participants in its ecosystem to access their applications. From anywhere. In any circumstances: at the office, on the move, at home, from third party service providers. From any “device”, either from desktops controlled by the company (COPE) or from uncontrolled desktops (BYOD). To make this possible, and to make the digital desktop as natural as possible, an underlying infrastructure is needed that supports this chain from the user’s terminal to the application he needs, with the necessary performance and compliance. This infrastructure is not only composed of networks and computers: it must also provide the necessary software infrastructure to offer users the best trade-off between user experience and security, and the company the best trade-off between business enablement and risk control. Because, behind every workplace, there is a person who deserves to be empowered and trusted. As we can see, to provide all users with a work environment that meets the highest levels of experience and security requirements, it takes to manage their identity and authentication, provide them with an ergonomic interface to access their applications, control the access to their applications without compromising the user experience. Sometimes it takes to manage special situations of special users (“with privileges”) or special circumstances of use (mobility, homeworking, outsourcing). It also takes to ensure that the underlying infrastructure is capable of providing the performance and availability required. It is a whole “chain of trust” that must be implemented and ensured. It is therefore necessary to consolidate and make work together a large number of different technologies and a large number of departments within the company. Very few market players can combine all this into a single platform for access to enterprise applications. Such a platform will provide companies or organizations with a unique agility in connecting company or third party employees after recruitment or transfer, after a homeworking agreement, after an outsourcing agreement to a partner, after the centralization of data centers in the cloud, etc. It will provide each user with full power and trust in their working environment. And it will thus contribute to give a human face to the workplace.