Experts give identity management advice

Proper deployment of identity management can improve organizations’ effectiveness and the bottom line, experts said.

Identity management answers the questions of whether people are who they say they are and whether they have the proper affiliation or criteria to do certain tasks, James Kerins, senior vice president for information solutions at LexisNexis Special Services, said at the Information Technology Association of America’s Identity Management Conference last week.

Automated identity management tools also help fight fraud and lower costs, Kerins said.

“Identity management is key to ensure trust, [privacy and security] as well as to facilitate collaboration and improve analytics,” said William Crowell, a security consultant and a member of the Markle Foundation’s Task Force on National Security.

Process and systems integration are a greater obstacle now than technology, said Frances Zelazny, director of marketing and legislative affairs at Identix. Human resources, IT and physical security workers don’t look at overall security systemically and instead work only to solve their particular issues, she said.

Successful identity management depends on viewing security systemically within an organization, Zelazny said. Identity management is frequently viewed as the responsibility of employees in charge of physical security, she said. They must work with human resources officials to develop processes for granting privilege levels, she said.

Getting the right information the first time when doing background checks – the first step of identity management – is crucial to successful deployments, Zelazny said.

She added that organizations face many challenges to getting the information right the first time, including poor data quality, employees dispersed worldwide and human resources staff who are not trained to capture fingerprints. Collecting the data is labor intensive, especially the first time, and sometimes requires seasonal hires, she said.

Organizations must look through their systems to ensure that each employee has only one identity, Zelazny said. They must remove duplicate identities and aliases in their systems and partner agencies, she said.

Biometrics are key to achieving eliminating duplication and differentiating between people with the same name, Zelazny said.

For example, organizations can use two photos of the same person – one smiling, one not – to improve biometric security. Running facial-recognition software against two related pictures instead of one adds additional security, she said.

Featured

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

  • Comment
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    Doing digital differently at VA

    The Department of Veterans Affairs CIO explains why digital transformation is not optional.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.