Education CISO Sees Zero Trust as Key to Improved CX
Identity management remains a focal point for the agency as it enters the second phase of its zero-trust migration plan.
The Department of Education’s zero-trust architecture implementation plan prioritizes enhancing the user experience for both employees and the public, CISO Steven Hernandez told GovCIO Media & Research on CyberCast while discussing the agency’s strategy.
The White House cybersecurity executive order requires agencies to have strong identity management and to implement multi-factor authentication and encryption for data, both at rest and in transit throughout their systems.
Hernandez said a primary undertaking has been to create a process for identity proofing, when an employee provides information about their identity to establish their known identity to access agency infrastructure, like a personal identity verification (PIV) card.
“If you’re working in the federal government, if you’re an employee or a contractor working directly with us, we want you to have a very high level of identity proofing,” Hernandez said. “Usually that happens when we get our badge or our PIV. We bring two forms of ID with us. We put down biometric fingerprints, and we have our photo taken. And all of that gets matched up to say, ‘OK, we have a very strong opinion that Steven is who he claims to be.’ Then, our goal is to then use that identity as the prime identity for any system access.”
The successor to the executive order, the Office of Management and Budget’s memorandum 22-09, also calls on agencies to secure public-facing systems by offering citizens the same level of authentication as federal employees. This would give citizens choices as to how strong they want their interaction with the government to be.
“We want people to say if they need something from the government, they can go to Login.gov, log in with their strong identity and authenticator and then have the ability to request access to multiple government systems,” Hernandez said. “If we give them a single front door with a single strong way to get in and access it, we’re going to win every time.”
Identity proofing is also a focus for the agency for its citizen-facing services. Hernandez said the technology allows citizens to use a camera for a higher level of identity proofing.
“We can’t get up to the highest levels, but the intermediate levels of proofing we can do through a camera. Goal one is to make that available as kind of the first right,” Hernandez said. “If we can keep people in the comfort of their home or wherever they want to be, that’s what we want to do.”
Hernandez cited a pilot between the U.S. Postal Service and the General Services Administration to offer identity proofing solutions at post offices.
“Even Congress has taken notice of this, and there’s been some proposed legislation that authorizes the post office under law to do identity proofing and collect funds for it and also issue authenticators,” Hernandez said. “This is exactly the direction we should be going as a modern digital society.”
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
GSA Taps Dovarius Peoples as Deputy CIO
Peoples previously served as CIO of the U.S. Army Corps of Engineers and oversaw the service's cloud migration and data modernization.
1m read -
VA Rolls Out Tele-emergency Care Program Nationwide
The Department of Veterans Affairs announced the roll out of its tele-emergency care program nationwide this week.
4m read -
Advanced Computing Holds Promise for Health Care, Ethical Hurdles Remain
Researchers and government officials are creating policies to improve customer experience nearly a year after President Biden’s executive order on digital experience.
3m read -
Health IT Leaders Tout Technology, Partnerships and Innovation
Officials noted the importance of collaboration between the public and private sector during a lightning round session at the Health IT Summit.
5m read