Promising Practices Promising PracticesPromising Practices
A forum for government's best ideas and most innovative leaders.

3 Reasons Federal Managers Need to Understand Identity Management

ARCHIVES
Image via Tkemot/Shutterstock.com

Robust identity management can help government managers.

In my last post on emerging trends, I wrote about online identity management and how it could benefit individuals, governments, and the economy.  For this post, I want to concentrate on how a more complete identity management scheme would benefit government managers in the three ways that have been the focus of this series: Real-time data collection and analysis to drive decision-making; efficient use of physical  and communication networks; and managing citizen participation in agency activities.

In some ways, identity management is like mobile: at this point, it's almost like an infrastructure - invisible except where it breaks down.  But it's also disappointingly inefficient and, in some ways, beside the point: identity management is not a means to an end, and sometimes what is necessary is not ever verifying every aspect of a person's identity, but only discrete components.

For example, municipalities might need only to ascertain that a certain user lives within the city limits.  The user's "real name" doesn't matter, nor does her (or his) social security number, or twitter handle.  Likewise, age matters only in as much as the user is above a certain age--but a 25-year old is essentially the same as a 52-year old or a 75-year old in terms of legitimacy to use the system.

The internet's famous capacity for obscuring identity was captured in an only slightly-less famous New Yorker cartoon, the caption of which reads "On the internet, no one knows you're a dog."  The advent of such tools as TrustCloud--a trust-management site--allows anyone, including government managers, to see if users really are dogs.

How understanding, and fully harnessing, identify management will benefit government managers is becoming increasingly clear. There are three ways that particularly stand out:

1. Real-time data collection and analysis will help drive decision-making

As I've written before, the volume of mobile computers and the ever-expanding universe of sensors that can be attached to them are creating a bonanza of data for government managers whose mission is to react to events as they happen.  But it all depends on the trustworthiness of the data, which itself can depend on the trustworthiness of the human operator.  With verifiable identity, government managers can know which sources have proved reliable in the past, and which have not.

2. More efficient use of communication networks

A key component of using physical and communications networks is allocating bandwidth (both real and metaphorical) appropriately--and sometimes that means restricting use of the network to specific people.  Robust identity management (or, again, verification of certain credentials) means that government managers can keep communications channels open for types of people, even if those people may not have previously acquired credentials from the government. 

Emergency management provides some of the clearest examples.  During and immediately after an extreme weather event, communications channels may need to be cleared for medical personnel, or holders of commercial truck licenses.  In more prosaic circumstances, government agencies might want to reach out to software developers, or people with fluency in a certain language.  These are attributes of our identity that could be part of an online identity management system that would benefit both individuals and public sector organizations.

3. Easier management of citizen participation in agency activities

All of this leads to better management of citizen participation.  At the highest level, it enables citizens to manage themselves because government managers can more easily establish a framework, outlining agency needs and tasks, and then allow citizens to organize themselves within the strictures of that framework. 

Government managers can then verify the relevant aspects of participants' identities and parcel out tasks as they arise.  Identity management undergird and acts as a force multiplier for mobile, networked sensors, Products-on-Demand, and advanced sharing.

How do we get there?

I’ve written previously about the activities of "NSTIC," the National Strategy for Trusted Identities in Cyberspace.  Whether people decide to entrust their identity data to a private-sector organization (like a bank), an identity service (like Personal), a government agency (like the DMV), a quasi-government organization (like the Postal Service) or simply keep it themselves (as in a browser extension), I’m hoping that the standards are based on NSTIC’s criteria—that the system be:

  • Privacy-enhancing: users relinquish as little privacy as possible when they opt into the system
  • Voluntary: users must not be required to opt into the system to manage their identity
  • Secure: identity administrators must fortify the system against breaches
  • Resilient: in the event of a breach, administrators must be able to recover quickly
  • Easy to use: users should not have to have a password like this: J8JΒΝzγΨfΛδ@6%vΤfShr57w/
  • Interoperable: the system should work on a tablet, a phone, or a computer running any major operating system and should work for any online tool that requires a login
  • Cost-effective: the system must not impose undue financial strain on businesses or consumers that use it

Ultimately, I don’t think there will be an “end state” for identity management, but rather we’ll see a constantly evolving market, similar to the one we see now for computer operating systems.  The goal, then, is not a perfect identity system, which is all but impossible, but a highly flexible, and constantly-evolving system that can adapt to fit people’s needs whatever they might be.

Image via Tkemot/Shutterstock.com

Gadi Ben-Yehuda is the Director of Innovation and Social Media for the IBM Center for The Business of Government. Previously, he was a Web Strategist for the District of Columbia's Office of the Chief Technology Officer. He has taught creative, expository, and Web writing for more than 10 years to university students, private-sector professionals, and soldiers. He has an MFA in poetry from American University, has taught writing at Howard University, and has worked in Washington, DC, for nonprofits, lobbying organizations, Fleishman-Hillard Global Communications, and Al Gore's 2000 presidential campaign.

FROM OUR SPONSORS
JOIN THE DISCUSSION
Close [ x ] More from GovExec
 
 

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

    Download
  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Sponsored by One Identity

    One Nation Under Guard: Securing User Identities Across State and Local Government

    In 2016, the government can expect even more sophisticated threats on the horizon, making it all the more imperative that agencies enforce proper identity and access management (IAM) practices. In order to better measure the current state of IAM at the state and local level, Government Business Council (GBC) conducted an in-depth research study of state and local employees.

    Download
  • Sponsored by Aquilent

    The Next Federal Evolution of Cloud

    This GBC report explains the evolution of cloud computing in federal government, and provides an outlook for the future of the cloud in government IT.

    Download
  • Sponsored by LTC Partners, administrators of the Federal Long Term Care Insurance Program

    Approaching the Brink of Federal Retirement

    Approximately 10,000 baby boomers are reaching retirement age per day, and a growing number of federal employees are preparing themselves for the next chapter of their lives. Learn how to tackle the challenges that today's workforce faces in laying the groundwork for a smooth and secure retirement.

    Download
  • Sponsored by Hewlett Packard Enterprise

    Cyber Defense 101: Arming the Next Generation of Government Employees

    Read this issue brief to learn about the sector's most potent challenges in the new cyber landscape and how government organizations are building a robust, threat-aware infrastructure

    Download
  • Sponsored by Aquilent

    GBC Issue Brief: Cultivating Digital Services in the Federal Landscape

    Read this GBC issue brief to learn more about the current state of digital services in the government, and how key players are pushing enhancements towards a user-centric approach.

    Download

When you download a report, your information may be shared with the underwriters of that document.