Experts give identity management advice

Proper deployment of identity management can improve organizations’ effectiveness and the bottom line, experts said.

Identity management answers the questions of whether people are who they say they are and whether they have the proper affiliation or criteria to do certain tasks, James Kerins, senior vice president for information solutions at LexisNexis Special Services, said at the Information Technology Association of America’s Identity Management Conference last week.

Automated identity management tools also help fight fraud and lower costs, Kerins said.

“Identity management is key to ensure trust, [privacy and security] as well as to facilitate collaboration and improve analytics,” said William Crowell, a security consultant and a member of the Markle Foundation’s Task Force on National Security.

Process and systems integration are a greater obstacle now than technology, said Frances Zelazny, director of marketing and legislative affairs at Identix. Human resources, IT and physical security workers don’t look at overall security systemically and instead work only to solve their particular issues, she said.

Successful identity management depends on viewing security systemically within an organization, Zelazny said. Identity management is frequently viewed as the responsibility of employees in charge of physical security, she said. They must work with human resources officials to develop processes for granting privilege levels, she said.

Getting the right information the first time when doing background checks – the first step of identity management – is crucial to successful deployments, Zelazny said.

She added that organizations face many challenges to getting the information right the first time, including poor data quality, employees dispersed worldwide and human resources staff who are not trained to capture fingerprints. Collecting the data is labor intensive, especially the first time, and sometimes requires seasonal hires, she said.

Organizations must look through their systems to ensure that each employee has only one identity, Zelazny said. They must remove duplicate identities and aliases in their systems and partner agencies, she said.

Biometrics are key to achieving eliminating duplication and differentiating between people with the same name, Zelazny said.

For example, organizations can use two photos of the same person – one smiling, one not – to improve biometric security. Running facial-recognition software against two related pictures instead of one adds additional security, she said.

Featured

  • FCW Perspectives
    human machine interface

    Your agency isn’t ready for AI

    To truly take advantage, government must retool both its data and its infrastructure.

  • Cybersecurity
    secure network (bluebay/Shutterstock.com)

    Federal CISO floats potential for new supply chain regs

    The federal government's top IT security chief and canvassed industry for feedback on how to shape new rules of the road for federal acquisition and procurement.

  • People
    DHS Secretary Kirstjen Nielsen, shown here at her Nov. 8, 2017, confirmation hearing. DHS Photo by Jetta Disco

    DHS chief Nielsen resigns

    Kirstjen Nielsen, the first Homeland Security secretary with a background in cybersecurity, is being replaced on an acting basis by the Customs and Border Protection chief. Her last day is April 10.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.