Feds Strengthen Identity Protection - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News
News
10/21/2014
09:30 AM
50%
50%

Feds Strengthen Identity Protection

President Obama signs executive order directing agencies to move to multi-factor authentication for transactions with citizens.

5 Early Cloud Adopters In Federal Government
5 Early Cloud Adopters In Federal Government
(Click image for larger view and slideshow.)

Have you heard the one about the President's credit card being rejected?

No, that's not a joke. President Obama told an audience of employees at the Consumer Financial Protection Bureau that when he went out to dinner with his wife in New York, his credit card was declined because of potential fraud activity, because he uses it so infrequently. (He used Michelle Obama's card to pay the bill instead.)

[Voice of experience? Read Federal Inaction Breeds ID Theft, Says Frank Abagnale.]

The president was at CFPB to speak about an executive order he signed Oct. 17. Obama told the story because the order, "Improving the Security of Consumer Financial Transactions," calls on the US government to strengthen security measures for federal debit, credit, and other payment card programs, in order to protect citizens' privacy and guard against identity theft.

The order directs federal agencies to move as quickly as possible to implement enhanced security measures, including chip-and-PIN technology currently used throughout Europe and generally considered far more secure than passwords, still the most dominant form of security procedure in the US.

For instance, the Secretary of the Treasury is required to ensure that by Jan. 1, 2015 -- barely two months away -- all new payment processing terminals are equipped to handle these enhanced security measures. The Treasury Department also must have a plan in place by Jan. 1 for replacing Direct Express prepaid debit cards without the enhancements, and the General Services Administration must begin replacing "unenhanced" credit, debit, and other payment cards.

President Obama and Sen. Elizabeth Warren at the nomination of Richard Cordray, current head of the Consumer Financial Protection Bureau, in 2012. (Source: Wikipedia)
President Obama and Sen. Elizabeth Warren at the nomination of Richard Cordray, current head of the Consumer Financial Protection Bureau, in 2012.
(Source: Wikipedia)

For greater consumer protection, the order directs the departments of Justice and Commerce and the Social Security Administration to identify publicly available agency resources for victims of identity theft. This information will go to the Federal Trade Commission to be consolidated as much as possible at the FTC's IdentityTheft.gov website. The Office of Management and Budget and GSA are to work with the FTC to streamline reporting of identity theft and remediation processes, including working with credit bureau systems. The revamped IdentityTheft.gov is supposed to be ready by May 15, 2015.

The National Security Council, Office of Science and Technology Policy, and OMB have 90 days to create a plan for all agencies that accept digital applications from citizens to move to multiple-factor authentication process and proof of identity, with an 18-month deadline to implement the plan.

You've done all the right things to defend your organization against cybercrime. Is it time to go on the offensive? Active response must be carefully thought through and even more carefully conducted. This Dark Reading report examines the rising interest in active response and recommends ways to determine whether it's right for your organization. Get the new Identifying And Discouraging Determined Hackers report today (free registration required).

Washington-based Patience Wait contributes articles about government IT to InformationWeek. View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Thomas Claburn
100%
0%
Thomas Claburn,
User Rank: Author
10/21/2014 | 5:45:21 PM
that's a start
but technology doesn't alone guarantee security. chip & pin cards can be abused too:

http://krebsonsecurity.com/2012/09/researchers-chip-and-pin-enables-chip-and-skim/

 
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
Slideshows
11 Things IT Professionals Wish They Knew Earlier in Their Careers
Lisa Morgan, Freelance Writer,  4/6/2021
News
Time to Shift Your Job Search Out of Neutral
Jessica Davis, Senior Editor, Enterprise Apps,  3/31/2021
Commentary
Does Identity Hinder Hybrid-Cloud and Multi-Cloud Adoption?
Joao-Pierre S. Ruth, Senior Writer,  4/1/2021
Register for InformationWeek Newsletters
Video
Current Issue
Successful Strategies for Digital Transformation
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll