Today, people want digital services to give them access in no more than two clicks in 10 seconds. That’s why, says Okta’s Sean Frazier, security for governm...
When it comes to how agencies improve their services to citizens, cybersecurity should be like wallpaper.
If you don’t notice the wallpaper, it just enhances the room. And you don’t really know why the room is enhanced is how Sean Frazier, chief security officer for Okta, put it.
But if you notice the wall paper, it’s very distracting, he said during the Federal News Network 2023 CX Exchange.
“Users don’t see the security unless they need to see the security because something bad happened,” Frazier said. “Now that we’re all in this interconnected world, we’re basically all connected to the same network so that all the bad guys and all the good guys are sitting on the same network. Attackers don’t have any more hoops to jump through to get to my website than my users do. Because of that and, in that context, you have to think about security from the ground floor. As I’m building this application, what is the best security I can provide, and how can I either use that to enhance my user experience or at least not detract from it?”
Better technology at the network and user levels combined with demand from citizens that government services act more like commercial ones is driving this new view of security and customer experience.
Frazier said people increasingly are demanding that they do no more than two clicks in 10 seconds to get access to the service they are seeking. If it takes more clicks or time than that, a user might balk and quit out of an application.
The challenge comes in addressing the diverse users for many government apps, he said. Users of public services run the gamut: young, old, tech savvy and not so tech savvy.
For the less tech savvy, “they need things to be a little more streamlined for them because they’re having to get access to their retirement benefits or something, and they don’t want to have to jump through hoops,” Frazier said. “The problem with that is that they’re going to create a helpdesk call, or they’re going to not do it, or they’re going to go into a physical building and have to talk to somebody, which is an added cost for the entity.”
Many private sector companies rely on back-end technology to achieve the two clicks in 10 seconds concept now, he said. He cited as examples the use of Fast Identity Online (FIDO) Alliance 2 standards, which were developed by an industry consortium, and Passkey, a password replacement capability that provides fast and secure sign-ins.
Frazier said the other thing companies are doing that agencies should pay closer attention to is how to build in empathy for users into their applications. This requires a cultural shift to make users and security equal priorities.
“What the pandemic did was it lit a fire under the connection between security and customer experience because it forced us to take into account this modality of access that matters completely 100% of the time. We were already heading in that direction, but the pandemic just moved us a little further a lot faster,” he said.
The evolution of technology, with applications and data workloads moving to the cloud and people being more mobile than ever, was already driving toward that need, Frazier said. “Because of all that, we need to as practitioners to adapt to where the users are and meet the users where they are.”
To read or watch other sessions on demand, go to our 2023 CX Exchange event page.
Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
Federal Chief Security Officer, Okta
Executive Editor, Federal News Network
Federal Chief Security Officer, Okta
Sean Frazier is Federal CSO at Okta. In his role, Sean acts as the voice of the CSO for Okta's federal business. Prior to joining Okta, Sean spent more than 25 years working in technology and public sector security for companies such as Duo Security, Netscape, LoudCloud/Opsware, Proofpoint, Cisco & MobileIron. Sean has helped lead numerous projects used by the Department of Defense and Intelligence Community, including the Fortezza Crypto Card, Defense Messaging System (DMS) and many others. He also has extensive experience in identity and public key infrastructure (PKI), network, applications, mobile and IoT. Sean has testified in front of the U.S. Senate Homeland Security and Government Affairs Committee on the importance of public/private partnership in protecting the nation’s digital infrastructure. Sean also advises public/private partnership working groups including ACT-IAC, ATARC and many others.
Executive Editor, Federal News Network
Jason Miller has been executive editor of Federal News Network since 2008. Jason directs the news coverage on all federal issues. He has also produced several news series – among them on whistleblower retaliation at the SBA, the overall impact of President Obama’s first term, cross-agency priority goals, shared services and procurement reform.