Citizen Experience is a focus of government agencies from federal to state and local. Governments are working to give citizens the same service experience they get as consumers in the commercial market. A huge piece of this is understanding who the citizen is and creating a "journey" tailored to their needs. This starts with the rather technical and security-minded practice of identity management.
Traditionally, identity management has been viewed as a way to enable access to systems for a workforce. It is the practice that assures that the proper people have access to the technology and systems they need. If we look at it in the context of citizen service, identity management is more than giving people access to their accounts. It is about giving people and systems that serve citizens insight to how they can better serve each citizen. In fact, a well-thought out identity management strategy can proactively offer applicable programs related to public health and social services.
Identity management is playing a role as part of robotic process automation (RPA) solutions designed to speed up benefits to citizens. In an effort to improve the turnaround time for loan distribution during national crises, RPA can enable a compilation of an applicant's record from multiple systems, channels, and service providers for collection and entry into systems for underwriters to analyze. Identity management is key to achieving 10 to 100 times faster processing, ensuring that the person applying for the aid is who they say they are.
For the past 17 years, the Cybersecurity & Infrastructure Security Agency and the National Cybersecurity Alliance have led a month-long national focus on cybersecurity best practices. In coordination with a number of organizations around the country, each October features events and campaigns to help educate businesses and individuals on avoiding dangers lurking online. As with everything else, the activities for the 2020 Cybersecurity Awareness Month will look a bit different. But perhaps it is fitting that most of it will be taking place online. It's a great opportunity to practice what you preach when hosting virtual events and resources.
The theme for 2020 is "Do Your Part. #BeCyberSmart," encouraging individuals and organizations to look at their own role in protecting cyberspace and providing proactive steps to enhance cybersecurity. A big part of this is the idea of "if you connect it, protect it." Resources and speakers will focus on securing devices at home and at work, securing Internet-connected healthcare devices, and looking ahead to the future of connected devices.
In government, doing "your part" means making a transition to a zero trust security environment where access controls are maintained around data and systems even after someone has shown the proper credentials to get into the network. The name "zero trust" implies a difficult hurdle that has to be overcome to earn the trust, but that is not the case. A different way of looking at it is "context-based trust" or "variable trust" meaning that devices with network access will receive immediate entry. Other devices that are unknown to the network will be subject to additional checks and balances. Key to this is establishing what is perceived as normal behavior on the network and by users. As activity deviates from that norm, systems and data can be locked up until legitimate access is verified. Continue reading
Biometrics is the use of an individual's unique physical and behavioral characteristics, typically used for identification and access control. Fingerprinting, the oldest form of biometrics, can be used for much more than identifying criminals. Fingerprint sensors have long been in use to allow individuals to login to their laptops, control physical access to buildings, track attendance of employees, and much more. Today, the focus is on improving facial recognition both for access to systems and facilities and as part of national security practices.
Facial recognition holds promise for accurately identifying who should and should not be in a specific place - whether that is a physical location like a building or an airport, or a virtual one like a set of classified files. However, the technology is not as reliable as the market requires. The impact of false positives and missed identities are measurably bigger when you are talking about identifying someone on a terror watch list rather than simply being locked out of your cell phone. There is considerable work being done to close the gaps between the promise of facial recognition and the reality of today's technology.
In a world where we are conducting more and more business online, biometric identification seems like a no-brainer for increasing the security of accessing personal data. But there is a privacy concern. Using biometrics means that organizations have access to very personal credentials and a recent ruling showed that the FBI does not need to disclose what biometric data it has on citizens. Continue reading