Private-Public Partnership Needed For Identity Management
An FBI unit chief says much needs to be done, and there's a role for everyone to help protect both business and government assets.
Identity management is crucial to protect public and private sectors alike, and requires the cooperation and expertise of both to be achieved, said Gurvais Grigg, unit chief in the counterterrorism division of the Federal Bureau of Investigation (FBI).
Identity management poses as much a challenge for government as it does private citizens. The difference is, of course, that failure to implement a proper solution can result in breaches of national security.
"We're just waking up to the problems and challenges," Grigg said during a keynote speech at an identity-management conference sponsored by the Information Technology Association of America (ITAA). "There are a lot of good things going on, [but industry's] part is critical [and] helps maintain national security."
Vulnerabilities most frequently exploited involve a lack of systems integration and enterprise solution strategies; failure to use tools or techniques to validate and manage identity; and a proliferation and dependency of systems to rely upon numeric identifiers that are relatively easy to crack -- such as the social security number.
Given that, VARs are needed to help agencies combat identity theft and fraud. For starters, that means systems upgrades and the enablement of such system security methods as cookies, passwords and encryption. The FBI, for one, lists technology upgrades as a top priority. Beyond that, agencies will be seeking more advanced solutions, including smart cards and biometric technologies that rely on signature dynamics, typing patterns, eye and fingerprint scans, and voice and face recognition.
"There needs to be a symbiotic relationship between the government and the private industry," Grigg says. "The enemy is still listening. They steal a piece of intelligence at a time, and then put it together."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.