Identity management is crucial to protect public and private sectors alike, and requires the cooperation and expertise of both to be achieved, said Gurvais Grigg, unit chief in the counterterrorism division of the Federal Bureau of Investigation (FBI).
Identity management poses as much a challenge for government as it does private citizens. The difference is, of course, that failure to implement a proper solution can result in breaches of national security.
"We're just waking up to the problems and challenges," Grigg said during a keynote speech at an identity-management conference sponsored by the Information Technology Association of America (ITAA). "There are a lot of good things going on, [but industry's] part is critical [and] helps maintain national security."
Vulnerabilities most frequently exploited involve a lack of systems integration and enterprise solution strategies; failure to use tools or techniques to validate and manage identity; and a proliferation and dependency of systems to rely upon numeric identifiers that are relatively easy to crack -- such as the social security number.
Given that, VARs are needed to help agencies combat identity theft and fraud. For starters, that means systems upgrades and the enablement of such system security methods as cookies, passwords and encryption. The FBI, for one, lists technology upgrades as a top priority. Beyond that, agencies will be seeking more advanced solutions, including smart cards and biometric technologies that rely on signature dynamics, typing patterns, eye and fingerprint scans, and voice and face recognition.
"There needs to be a symbiotic relationship between the government and the private industry," Grigg says. "The enemy is still listening. They steal a piece of intelligence at a time, and then put it together."