Governments struggle to deliver secure online citizen services
Auth0 released the findings of its Public Sector Identity Index, a global research report that provides government technology leaders with insight into the identity maturity of public sector organizations around the world. The report, conducted by Market Connections, highlights the importance of a centralized identity strategy in putting safe and accessible services into the hands of citizens faster.
Over the past two years, many public sector organizations were prompted by the immediate need to deploy digital infrastructure to maintain continuity of their services amid the COVID-19 pandemic — such as offering citizens license renewals online and virtual education — and are now grappling with the impacts on cybersecurity and user experience.
From the Executive Order on ‘Improving the Nation’s Cybersecurity’ in the U.S., to digital identity and SSO initiatives in the UK and Australia, enabling employees, citizens, and other government entities to access all of these applications easily and securely has become a demand around the world.
The 2022 Public Sector Identity Index captures the perceptions of 850 IT and line of business decision-makers within national and state/local government organizations across the U.S., UK, and ANZ (Australia and New Zealand) with regard to their Identity and Access Management (IAM) strategy.
- Only one in five are extremely confident in either the security (17%) or ease of use (19%) of their current authentication solution.
Username and password is the most frequently used authentication method by citizens (86%), compared to very little usage of biometric or passwordless authentication (16%).
- Four in ten are currently building their own IAM solution in-house (41%), and cite speed to implementation (83%) and using internal staff to manage IAM internally (82%) as two of the biggest pain points in doing so.
- Most governments are looking to expand their digital services in the next two years (75%) and rank protecting citizen’s privacy and data as most important when thinking about online citizen services (73%).
Regional analysis shows U.S. respondents rank ensuring citizens’ trust in digital services as an area of high importance (71%), but have less confidence in their organization’s ability to deliver this (56%). Similar discrepancies in importance versus confidence in delivery include speed in adding new services in the UK (66% importance vs. 48% confidence), and improving the user experience in ANZ (72% importance vs. 60% confidence).
Dean Scontras, VP of State and Local Government and Education (SLED) at Okta, said: “Digitization is likely to continue in light of Zero Trust mandates and mounting consumer expectations. Public sector organizations greatly benefit from bringing their identity management strategy in line with their digital goals. While there is a strong focus on securing citizen data, the vast majority of applications are still protected by a username and password, despite their well-documented security risks.”
According to Forrester Research, the public sector has a massive influence on the entire economy making up 30% of the global GDP and 33% of the global workforce, and the global research firm predicts that more governments will adopt zero trust frameworks to revive public trust in digital services.
An Identity-First approach puts identity at the center of government digital transformation, while also laying the foundation for a Zero Trust security model. Key to this approach are modern login technologies that replace traditional passwords, and introduce friction only when suspicious behavior is detected. By making the shift to Identity-First, organizations like Larimer County provide easy and seamless access for legitimate users, while decreasing the risk of security and compliance breaches.
Jessica Figueras, a cybercrime and digital identity advisor to governments and Okta consultant, said: “In the face of increasing digitization, skills shortages, and online harms, governments are taking a hard look at the technologies they can bring onboard to help them reach their digital goals. The research suggests that identity is one such technology that can help the public sector do more with less.”