UK government bodies challenged on secure identity

Sure identity and access management (IAM) is emerging as critical to helping public sector agencies and government organizations improve their existing services and launch new ones more quickly and safely, but these organizations are finding it challenging to come up with the perfect strategy. , according to new research from Okta’s Property Identification Specialist Author0.

To report its inauguration Identity of the inde public sectorX, Auth0 asked public sector IT leaders in the UK, Australia, New Zealand and the US to highlight the importance of centralized identification strategies to put secure and accessible services in the hands of people more quickly.

Since Covid-19 has forced many of these organizations to have an immediate need to implement digital services faster, the impacts on cybersecurity and user experience are only now becoming apparent: three-quarters of those surveyed are still They seek to further expand their digital services between now and the mid-point of the decade, and a similar number rank data protection and citizen privacy as the most important aspect of planning for digital service delivery.

Globally, the report found that fewer than one in five leaders were confident in the security or ease of use of their current authentication system: 17% and 19%, respectively. Slightly more than four in 10 (41%) were building their own IAM solution in-house, and of these, the biggest pain points were speed of deployment (83%) and use of internal staff to manage the service (82 %).

“Digitization is likely to continue in light of zero-trust mandates and rising consumer expectations,” said Dean Scontras, Okta vice president of education and state and local government.

‚ÄúPublic sector organizations benefit enormously from aligning their identity management strategy with their digital goals. While there is a strong focus on protecting citizens’ data, the vast majority of applications are still protected by a username and password, despite their well-documented security risks. “

Specifically in the UK, Auth0 data reveals that the most important aspects of providing digital citizen services are making them accessible from mobile devices (72%), preserving and protecting the privacy of citizens’ data (71%) , the general accessibility of services (68%) and building adaptable services (68%). From a cyber perspective, UK public sector leaders also highly rated the need to balance security with user experience and ensure citizens’ trust in digital, with 66% and 63% respectively showing that they said that these factors were very or extremely important.

But in all of the cases listed above, public sector confidence in its ability to meet these challenges was 10-15 percentage points lower, with only 54% saying they were very or very confident that it could protect the privacy of individuals. data, and only 52% said they were happy to be able to guarantee the trust of citizens.

When incorporating IAM into digital services, four out of 10 UK public sector respondents currently use a third-party IAM service, and three out of 10 build it in-house, while 18% are unaware. For those who choose to build in-house, the biggest benefits appear to be the ability to control where data is stored and processed, the ability to provide tighter internal security and management than a third-party vendor, and the ability to tailor authentication to various applications and services.

The pain points for self-built IAM included lack of resources and staff, slower implementation, additional pressure on the overall IT budget, lack of experience, and incompatible or non-scalable solutions.

Citing recent Forrester research predicting that many more government agencies will seek zero trust to revive public trust in digital services, Auth0 said it was imperative to take an identity-first approach to put IAM at the center of digital transformation projects, along with laying the groundwork for bases of zero-confidence. The public sector should look to newer login technologies that move away from traditional usernames and passwords and introduce friction for end users only when suspicious behavior is detected, he added.

“In the face of increasing digitization, skills shortages and online damage, governments are carefully looking at the technologies they can incorporate to help them achieve their digital goals,” said Okta consultant Jessica Figueras, who also advises governments. about cybercrime. and digital identity. “Research suggests that identity is one of those technologies that can help the public sector do more with less.”

The full Auth0 report is available for download from their website.

Leave a Comment