State and local government IT officials have faced unprecedented challenges this year in trying to meet their constituents’ needs. As they continue to expand digital service offerings, it will be critical to invest in and modernize identity and access management solutions for citizens.
Citizens expect access to services from any mobile device, says Tommy Cathey, regional vice president for public sector sales at ForgeRock in a recent interview. Therefore, moving away from traditional desktop browser authentication tools and increasing identity and access security needs to be a top priority for CIOs.
Recently, leaders have been turning to digital modernization frameworks to help align privacy and authentication strategies across services, Cathey says. Fraud detection and identity verification should be high on the list of priorities, he says in the podcast, produced by StateScoop and underwritten by ForgeRock.
Benefits of modern IAM solutions
Over the last two decades states have invested heavily in traditional on-premise, IAM solutions — which are increasingly costly to maintain. The effects of the pandemic on state budgets are pushing leaders to find ways to lower IT operating costs.
“Unfortunately, we’ve seen states’ budgets decrease, and as we look at funding, states are definitely leveraging the federal matching funds for high-profile projects [such as] Medicaid, Medicare, SNAP, TANF, child welfare, and most recently unemployment insurance,” explains Cathey.
Implementing modern IAM solutions can be an expedient way to improve user experience, increase security and lower operating costs across state agencies.
“[Citizens] want one place to go to renew services. We are seeing more states invest in digital privacy officers to build out that framework and policy so those citizens can come in and access services quickly, effectively and more efficiently,” he explains.
How states working to improve digital services
Cathey shared several examples of how states are using modern IAM solutions — such as one-time passwords (OTP) and multifactor authentication — to standardize the user login experience across multiple services and applications.
“Recently, we did a project with the state of New Jersey. They have a citizen facing portal called myNew Jersey, and that allows citizens to authenticate for variety of services. So, they were definitely ahead of the curve in having invested in that new framework and they’re providing the services to their citizens with that new portal,” he says.
He also pointed to the State of Texas’ huge modernization effort to streamline citizen services through texas.gov by deploying a unified IAM tool. And he noted how Maryland pushed to modernize its entire IAM stack with ForgeRock’s cloud-based solution.
“States are moving to the cloud with their IAM solutions, but they still have traditional on-premise applications. We refer that to as a bi-modal or hybrid approach,” Cathey says.
Recommendations to move forward with modern IAM
Cathey says his conversations with state leaders indicate they are looking forward to new technology developments, such as FIDO — a passwordless authentication standard.
States are leveraging the National Institute of Standards and Technology’s (NIST) frameworks on cloud and cybersecurity to modernize their applications.
They’re also looking at identity-proofing and other measures that can secure their framework around these applications — not only for citizens, but employees now working from home.
The good news, says Cathey, is that states don’t need a massive infrastructure overhaul to integrate modern IAM solutions.
“They have that ability to deploy IAM [platforms] in a hybrid environment where they have traditional applications on premise. But I suggest when they look at modernizing these applications, they use open standards for those so they can get plugged into an IAM solution. Also, this makes it a lot more cost effective,” he explains.
Cathey points to a recent Forrester Wave Report which indicated ForgeRock is a leader in customer-based identity and access management — or CIAM.
“In public sector, we interchange that term ‘customer’ to ‘citizen’ … and I recommend all the listeners out there to check out that Forrester Wave Report on the ForgeRock website as well as the just released Gartner Magic Quadrant for Access Management report, both highly valuable resources,” he says.
Listen to the podcast for the full conversation on the evolution of digital services with modern IAM tools. You can hear more coverage of “IT Modernization in Government” on our StateScoop radio channels on Apple Podcasts, Spotify, Google Play, Stitcher and TuneIn.
This podcast was produced by StateScoop and underwritten by ForgeRock.
Tommy Cathey has more than two decades of experience in the technology industry, including providing client services at companies like Novell and Oracle. At ForgeRock he specializes in next-generation identity and access management solutions for the public sector.