“We can lock down accounts based on each person’s assigned roles,” Williams says. “People don’t have root access rights unless it’s absolutely required for their work.”
Some agencies must consider public interaction when it comes to security and identity management. The Federal Communications Commission moved its identity management to Okta’s Identity Cloud, which provides multifactor authentication and single sign-on capabilities for applications such as Microsoft Office 365.
About 2 million people yearly apply for FCC licenses, and the Okta app ensures that proper authorizations and security are in place as the outside world interacts with the agency.
State Department Uses a Variety of Authentication Tools
Many State Department personnel work in far-flung, sometimes adversarial nations, but they still need access to sensitive information contained in internal systems. To securely manage identity verification, the department’s IT staff focuses on a variety of current and emerging technology options.
“Identity management is one of my soapbox topics because it touches so many areas, including the proliferation of mobile and cloud applications,” says Gerald Caron, acting director of enterprise network management.
For personnel working at desktops in State Department facilities, IT managers rely on CACs, local domain controllers and Active Directory to authenticate personnel. To secure access to mobile applications, the department achieves multifactor authentication with RSA tokens and passwords managed by a commercial application.
Other multifactor options include a derived-credential solution that would install the information captured on CACs onto chips embedded within mobile devices.