Experts give identity management advice

Proper deployment of identity management can improve organizations’ effectiveness and the bottom line, experts said.

Identity management answers the questions of whether people are who they say they are and whether they have the proper affiliation or criteria to do certain tasks, James Kerins, senior vice president for information solutions at LexisNexis Special Services, said at the Information Technology Association of America’s Identity Management Conference last week.

Automated identity management tools also help fight fraud and lower costs, Kerins said.

“Identity management is key to ensure trust, [privacy and security] as well as to facilitate collaboration and improve analytics,” said William Crowell, a security consultant and a member of the Markle Foundation’s Task Force on National Security.

Process and systems integration are a greater obstacle now than technology, said Frances Zelazny, director of marketing and legislative affairs at Identix. Human resources, IT and physical security workers don’t look at overall security systemically and instead work only to solve their particular issues, she said.

Successful identity management depends on viewing security systemically within an organization, Zelazny said. Identity management is frequently viewed as the responsibility of employees in charge of physical security, she said. They must work with human resources officials to develop processes for granting privilege levels, she said.

Getting the right information the first time when doing background checks – the first step of identity management – is crucial to successful deployments, Zelazny said.

She added that organizations face many challenges to getting the information right the first time, including poor data quality, employees dispersed worldwide and human resources staff who are not trained to capture fingerprints. Collecting the data is labor intensive, especially the first time, and sometimes requires seasonal hires, she said.

Organizations must look through their systems to ensure that each employee has only one identity, Zelazny said. They must remove duplicate identities and aliases in their systems and partner agencies, she said.

Biometrics are key to achieving eliminating duplication and differentiating between people with the same name, Zelazny said.

For example, organizations can use two photos of the same person – one smiling, one not – to improve biometric security. Running facial-recognition software against two related pictures instead of one adds additional security, she said.

Featured

  • Defense
    The Pentagon (Photo by Ivan Cholakov / Shutterstock)

    DOD CIO hits pause on JEDI cloud acquisition

    Dana Deasy set cloud as his office's top priority. But when it comes to the JEDI request for proposal, he's directed staff to "pause" to compile a comprehensive review.

  • Cybersecurity
    By Gorodenkoff shutterstock ID 761940757

    Waging cyber war without a rulebook

    As the U.S. looks to go on the offense in the cyber domain, critical questions remain unanswered around who will take the lead and how clearly to draw the rules of engagement.

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Deadline extended for Rising Star nominations

    You now have until July 18 to help us identify the early-career innovators and change agents in government IT.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.