One of the great challenges faced by operators of any network is the ability to have confidence in their systems’ access management. Without truly trusted identities, systems, and the information contained, cannot be trusted and leave agencies vulnerable. With Government’s enormous level of complexity of the IT ecosystem and budget processes, both are challenged with ID management issues. Identity, Access Management and Digital Trust are fundamental to any Information Governance Framework given its importance to security, as well as its (potential positive financial) impact on electronic discovery costs. End-to-end information management must be married to end-to-end employee management to address Insider Threats with “employee” defined as anybody given access to any system, device and/or information asset.
In a recent Market Connections survey sponsored by Unisys, survey respondents said external threats, mobile device use, and vulnerability patching were the areas of greatest concern in their respective agencies. Agencies are confronting these challenges via smart cards, endpoint security software, configuration management software, Network Access Control (NAC) solutions and more. Nearly two-thirds of the respondents felt identity management systems are very important to secure operations of their agencies.
The proliferation of connected devices, adoption of cloud computing, and digitalization—individually and collectively— are also challenging those responsible for Identity and Access Management to find solutions in a rapidly changing and evolving technology landscape. Government IT leaders need to ensure their Identity and Access Management teams are enabled to take advantage of the latest technological advances.
In the last few years, just about everyone has come to appreciate the importance of having strong cybersecurity. Confronting these ever-changing threats with limited budgets and in some cases very outdated information systems, will keep many Government leaders awake at night. NIST’s Trusted Identities Group’s efforts are providing leadership and guidance everyone in government can leverage to improve their cyber risk posture. To truly achieve Digital Trust, it will take government and industry support and enforcement of strict Identity and Access Management compliance. Our confidence in government depends on it.