Insight By Okta

Getting identity and access management right on your way to zero trust

Concepts like zero trust shifts the operating model and security beyond the perimeter and must be central to the ICAM discussion.

It’s been more than two months since the Office of Management and Budget released the final policy updating how agencies should address identity and access management.

The memo takes on ICAM in six parts, rescinds several other policies like the 2004 memo on e-authentication or the 2005 one on e-signatures.

And just as important, the memo recognizes that the 15-year old approach under Homeland Security Presidential Directive-12 (HSPD-12) needs to be adapted to meet current and emerging technologies and needs.

Concepts like zero trust that shifts the operating model and security beyond the perimeter must be central to the ICAM discussion.

The need to incorporate identity with cloud and shared services is a growing priority across several agencies.

Really what the memo is encouraging and emphasizing agencies to do is look at their current way of doing things and start thinking about what they need to do differently moving forward as the cloud, mobility and citizen services become more entwined in how agencies meet their missions.

The policy opens the door for a more secure, privacy-enhanced digital identity solution for citizens and businesses.


Current ICAM Strategy for Agencies

We’re looking to extend what we have on premise to the cloud. We’re looking to better standardize our levels of authorization as it relates to cloud to better protect not only our systems, but really to drill down into data protection and understanding that.


Cloud and IT Modernization in Relation to Identity Management

Once you have all the people, all the technologies and all the integrations done, your platform should just become the policy engine. You should have a really solid way to be able to determine by group what you get to do and when you get to do it.


Zero Trust and ICAM

Our strategy is to always develop a zero trust environment and still meet our business needs. That’s a challenge in and of itself. Identity credentialing and access management (ICAM) becomes a catalyst for creating that zero trust environment yet still being a business enabler and getting to the ‘yes’ for our customers.

Listen to the full show:

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories

Panel of experts

  • Togai Andrews

    Chief Information Security Officer, Federal Emergency Management Agency

  • Brian Muolo

    Director, Infrastructure Modernization, General Services Administration

  • Judy Snoich

    Identity, Credential and Access Management Program Manager, Department of the Interior

  • Ted Girard

    Vice President, Public Sector, Okta

  • Jason Miller

    Executive Editor, Federal News Network