improving collaboration through identity management · an “identity ecosystem” that links an...
TRANSCRIPT
![Page 1: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/1.jpg)
Improving Collaboration through Identity Management A Candid Survey of Federal Managers
February 2014
![Page 2: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/2.jpg)
Purpose Driven by White House and Congressional directives such as HSPD-12, the National Strategy for Trusted Identities in Cyberspace (NSTIC), Insider Threat Task Force, and FICAM, federal agencies are focused on identity management like never before. Agency leaders face a difficult task in ensuring secure access to agency resources by the right people, at the right time, and for the right reasons, without restricting the organization’s operational effectiveness. Understanding the difficult task of balancing these two priorities, Government Business Council (GBC), Symantec, and HP undertook a study to explore the current state of identity and access management (IAM) in the federal government.
2
Methodology To assess the perceptions, attitudes, and experiences of federal executives regarding IAM, GBC deployed a survey to a sample of Government Executive’s online and print subscribers in December 2013. The pool of 975 respondents includes those of GS-11 through 15 grade levels and members of the Senior Executive Service in defense and civilian agencies.
![Page 3: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/3.jpg)
Table of Contents
1 Executive Summary 4
2 Respondent Profile 6
3 Research Findings 10 i. Current State of Federal IAM 11 ii. Security Concerns Can Limit Mission 15 iii. The Need for an Identity Ecosystem 21 iv. Public-Private Partnerships in IAM 26
4 Final Considerations 30
3
![Page 4: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/4.jpg)
4
1 Executive Summary
![Page 5: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/5.jpg)
Executive Summary Federal leaders are confident in identity management within their own agencies
A majority of respondents (72 percent) are confident or very confident in their agency’s ability to ensure appropriate physical access to resources. Slightly fewer (63 percent) are equally confident in their agency’s ability to ensure appropriate logical access. For many, the two are linked: 71 percent of respondents indicate that their agencies have integrated physical and logical IAM.
Outside of one’s own agency, security concerns limit collaboration
Nearly all respondents interact with groups outside of their agency, but security concerns limit their ability to provide services to these groups over the Internet. While respondents view the growth of mobile devices as an opportunity to improve collaboration, security concerns have limited their uptake in federal agencies.
An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency while lowering costs
The idea of a common framework for establishing trusted identities is a new concept for some federal leaders, but anticipated effects are largely positive. A majority of respondents expect an “Identity Ecosystem” to increase efficiency and confidence in using online services, among other benefits. To create an “Identity Ecosystem,” respondents are open to public-private partnerships, but security, privacy, and liability concerns will need to be addressed.
5
![Page 6: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/6.jpg)
6
2 Respondent Profile
![Page 7: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/7.jpg)
2%
4%
16%
28%
23%
22%
5%
0% 10% 20% 30%
Other
GS/GM-11
GS/GM-12
GS/GM-13
GS/GM-14
GS/GM-15
SES
Survey respondents are senior federal executives
7
41%
21%
21%
7%
7%
3%
0% 20% 40% 60%
None
1-5
6-20
21-50
51-200
Over 200
Job Grade Reports/Oversees
Percentage of respondents, n=975
78% of respondents are GS/GM-13
or above
59% of respondents oversee at least
one report
![Page 8: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/8.jpg)
Most respondents work in operations
▶ Most respondents work in operations, a category that includes program/project managers and logistics specialists.
▶ “Other” includes categories such as legal, research, management, technical professionals, and auditors.
8
Job Function
16%
3%
3%
5%
5%
6%
8%
11%
12%
32%
0% 10% 20% 30% 40% 50%
Other
Communications and telecommunications
Facilities, fleet and real estate management
Information technology
Legislative
Acquisition and procurement
Finance
Engineering
Human capital
Operations
Percentage of respondents, n=975
![Page 9: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/9.jpg)
Most Represented Agencies Department of Treasury Department of Agriculture Department of the Interior Department of Transportation Department of Commerce General Services Administration Environmental Protection Agency National Aeronautics and Space Administration Social Security Administration Department of Housing and Urban Development Department of Energy Department of Labor United States Government Accountability Office Department of State Department of Education
Office of Personnel Management Small Business Administration United States Postal Service Department of Homeland Security United States Agency for International Development Nuclear Regulatory Commission Department of Health and Human Services Department of Veterans Affairs National Science Foundation Executive Office of the President (including OMB) Department of Defense (OSD, DISA, DIA, DLA, etc.) Department of Justice Department of the Army Other independent agency
9
Agencies listed in order of frequency
![Page 10: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/10.jpg)
10
3 Research Findings
![Page 11: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/11.jpg)
11
i. Current State of Federal IAM
![Page 12: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/12.jpg)
What is Identity and Access Management?
12
▶ As used in this report, identity and access management (IAM) refers to a security practice that ensures access by the right people, at the right time, and for the right reasons.
▶ IAM can be used in reference to both physical access (e.g., to facilities, areas, or rooms) and logical access (e.g., to networks or files).
![Page 13: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/13.jpg)
Federal leaders are confident in IAM within their own agencies
Physical access (e.g., to facilities, areas, rooms)
Logical access (e.g., to networks, files)
13
29%
43%
21%
7% 1%
19%
44%
26%
8% 2%
Very confident
Confident
Somewhat confident
Not confident
DK
63% of respondents are very confident or
confident
72% of respondents are very confident or
confident
Percentage of respondents, n=975 and n=974, respectively
![Page 14: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/14.jpg)
For many, physical and logical access are interconnected
▶ A majority of respondents indicate that their agencies have integrated physical and logical IAM.
▶ Typically, integration involves using a common card or device to access the agency’s building and computer networks.
14
Has your department/agency integrated physical and logical IAM?
Yes 71%
No, but considering
15%
No, not considering
5% Don’t know
9%
Percentage of respondents, n=974
![Page 15: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/15.jpg)
15
ii. Security Concerns Can Limit Mission
![Page 16: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/16.jpg)
94% of federal leaders interact with external groups, especially other agencies
85%
56% 56% 49%
8% 6%
Other federal departments/
agencies
Citizens State, local, regional
government departments/
agencies
Industry partners Other None of the above
16
Groups interacted with through the course of work
Percentage of respondents, n=972
27% of respondents interact with
other federal agencies, citizens, state/local/regional government agencies, and industry partners
![Page 17: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/17.jpg)
Security concerns limit service provision
9% 22% 44% 24%
Security concerns prevent my department/ agency from offering certain services online.
Strongly disagree Disagree Agree Strongly agree
17
A majority of respondents (68 percent) indicate that security concerns limit online service provision. Even those who are currently providing services to citizens believe they are limited: 72 percent identify limits to online service provision.
68% of respondents agree
or strongly agree
Percentage of respondents, n=825 “Don’t know” not included
![Page 18: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/18.jpg)
Mobile devices offer an opportunity to enhance interaction with external groups
9% 10% 57% 24%
Mobile device usage presents an opportunity for my department/agency to enhance interaction with other groups.
Strongly disagree Disagree Agree Strongly agree
18
81% of respondents agree
or strongly agree
Percentage of respondents, n=863 “Don’t know” not included
![Page 19: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/19.jpg)
…but security concerns limit mobile expansion
5% 30% 46% 19%
Security concerns present an obstacle to my department/agency using mobile devices to interact with other groups.
Strongly disagree Disagree Agree Strongly agree
19
65% of respondents agree
or strongly agree
Percentage of respondents, n=809 “Don’t know” not included
![Page 20: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/20.jpg)
The lack of a common framework for establishing trusted identities limits interaction with external groups
7% 36% 41% 16%
The lack of a common framework for establishing trusted identities limits my department/agency’s interaction with other groups.
Strongly disagree Disagree Agree Strongly agree
20
57% of respondents agree
or strongly agree
Percentage of respondents, n=645 “Don’t know” not included
![Page 21: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/21.jpg)
21
iii. The Need for an “Identity Ecosystem”
![Page 22: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/22.jpg)
The White House has called for the creation of an “Identity Ecosystem”
▶ April 2011’s National Strategy for Trusted Identities in Cyberspace (NSTIC) highlights the need for an “Identity Ecosystem” where individuals and organizations leverage universally-recognized digital identities to securely interact with one another.
▶ By linking an individual’s electronic identities across multiple websites, NSTIC envisions that the “Identity Ecosystem” will provide online services in a manner that promotes confidence, privacy, choice, and innovation.
22
National Strategy for Trusted Identities in Cyberspace, April 2011.
![Page 23: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/23.jpg)
Sizable amounts of respondents are unsure of the effect that an “Identity Ecosystem” will have on efficiency, confidence, cost-effectiveness, citizen service quality, privacy, help desk calls, and security (23-34 percent select “don’t know”). Of those respondents who have an opinion, most anticipate positive effects:
Federal leaders expect largely positive effects from the creation of an “Identity Ecosystem”
30%
10%
15%
9%
15%
7%
11%
28%
38%
28%
34%
26%
29%
23%
42%
52%
57%
58%
60%
64%
66%
Security risks
Help desk calls
Privacy protections
Quality of citizen services
Cost-effectiveness
Confidence in using online services
Efficiency
Increase No change Decrease
23
Expected effects of an Identity Ecosystem
Percentage of respondents, n varies “Don’t know” not included
![Page 24: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/24.jpg)
Respondents identify additional benefits of an “Identity Ecosystem,” including…
Better data quality. Streamlined security clearance processes and better tracking of individuals.
The ability to work more effectively outside the office environment. It would give me access to sites that I need to use but are restricted if not on a government system.
Improved intergovernmental activities.
24
“ ”
” “
” “
Sampling of open-ended responses
” “
![Page 25: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/25.jpg)
“Identity Ecosystem” may be far off
2%
30%
24%
11%
3%
30%
0-1 years
2-5 years
6-10 years
More than 10 years
Never
Don't know
25
How soon do you think government could achieve an “Identity Ecosystem”?
Percentage of respondents, n=971
56% of respondents
think government can achieve
Identity Ecosystem in the next 10 years
![Page 26: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/26.jpg)
26
iv. Public-private Partnerships in IAM
![Page 27: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/27.jpg)
To reach “Identity Ecosystem,” the federal government supports public-private partnerships in IAM
27
“The private sector will lead the development and implementation of this Identity Ecosystem, and it will own and operate the vast majority of the services
within it.”
-National Strategy for Trusted Identities in Cyberspace, April 2011
"The Obama administration is committed to supporting public-
private partnerships that both enhance consumer privacy and ensure the
Internet remains a driver of innovation and economic growth."
-Secretary of Commerce Penny Pritzker, September 2013
National Strategy for Trusted Identities in Cyberspace, April 2011. NIST.gov, “NIST Awards Grants to Improve Online Security and Privacy,” September 2013.
![Page 28: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/28.jpg)
Though few respondents are opposed to public-private partnerships in IAM, many are unsure
31% 31%
18% 20%
0%
10%
20%
30%
40%
50%
Support Neither support nor oppose
Oppose Don't know
28
Opinion of public-private partnerships in IAM
Percentage of respondents, n=970
![Page 29: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/29.jpg)
Security, privacy, and liability top the list of concerns about public-private partnerships in IAM
29
Concerns about public-private partnerships in IAM
Percentage of respondents, n=965
5%
15%
7%
14%
30%
40%
50%
51%
55%
None of the above
Don't know
Other
Loss of IT jobs
Vendor lock-in
Changes in work/operational flows
Liability
Privacy
Security
![Page 30: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/30.jpg)
30
4 Final Considerations
![Page 31: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/31.jpg)
When considering an IAM strategy in your agency… Make room for mobile.
Though federal agencies may be late mobile adopters, citizens using government services are more and more likely to be doing so from a mobile device. As this trend continues, providing a secure, usable mobile interface for citizen services will be essential to mission effectiveness.
Look to agencies already experiencing IAM success.
The Federal Cloud Credential Exchange (FCCX), run by GSA and USPS is a good look into the future of identity management. FCCX will unify six different civilian agencies using FICAM authentication standards to allow the public to securely access online services through a single sign-on. This streamlined authentication will reduce costs for participating agencies, while providing a “secure, privacy-enhancing, easy-to-use-solution.”
Count all costs, including the hidden expense of forgotten passwords.
Forgotten passwords are expensive. Agencies should look at how they can reduce operational costs by passing those expenses on to credential service providers—federal or commercial—who can unify services around a single sign on.
31
USPS participating in creation of digital Federal Cloud Credential Exchange program
![Page 32: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/32.jpg)
Underwritten by
About HP and Symantec
For over 20 years, HP and Symantec have delivered joint technology solutions and services that enable organizations worldwide to secure and manage their most critical information. HP integrates Symantec into security, storage, server, and client solutions, and delivers enterprise services based on market-leading Symantec solutions.
![Page 33: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/33.jpg)
About GBC
Contact
Zoe Grotophorst Manager, Research & Strategic Insights
Tel. 202.266.7335 [email protected]
govexec.com/GBC @GovBizCouncil
Our Mission
Government Business Council (GBC), the research arm of Government Executive Media Group, is dedicated to advancing the business of government through analysis and insight. GBC partners with industry to share best practices with top government decision-makers, understanding the deep value inherent in industry’s experience engaging and supporting federal agencies.
33
![Page 34: Improving Collaboration through Identity Management · An “Identity Ecosystem” that links an electronic identity across multiple platforms could improve collaboration and efficiency](https://reader034.vdocument.in/reader034/viewer/2022050220/5f66358ddcc58421d8213b2c/html5/thumbnails/34.jpg)
Improving Collaboration through Identity Management A Candid Survey of Federal Managers
February 2014