Tag Archives: okta

Socure, Okta, and Carahsoft: Pioneering a New Era in Government Identity Verification

Posted on by
Reply

Digital-first experiences are a top priority across every level of government to improve service delivery, simplify user experiences, and rebuild trust with the American public. At the same time, agencies must defend against ever-present threats of identity theft, fraudulent accounts, and account takeovers. That’s why advanced digital Identity verification and strong authentication are essential for modern government services.

At Socure, we are excited to announce a transformative partnership with Okta and Carahsoft Technology Corp., which marks a significant advancement in our mission to enhance digital identity verification across the public sector. This collaboration aims to deliver a FedRAMP & StateRAMP compliant identity solution, ushering in a new era of security and efficiency for federal, state, and local government agencies.

Socure Okta Partnership Identity Management Blog Embedded Image 2024

The integration of Socure’s cutting-edge artificial intelligence and machine learning-enabled ID+ platform with Okta’s adaptive multi-factor authentication, best-in-class compliance and security features, and modern, frictionless cloud infrastructure creates a powerhouse capable of addressing some of the most pressing challenges faced by government agencies today—especially in its efforts to combat sophisticated identity fraud. Our joint solutions now offer government agencies at all levels scalable, simple, and secure identity solutions built for the modern era. Achieving accurate and inclusive digital identity verification is critical to accelerating government service delivery for vital programs.

Digital transformation in government services is not just about upgrading technology—it’s about ensuring that these technologies offer secure, seamless, and inclusive access to the public. This is where our partnership becomes crucial. Socure’s ID+ platform, recognized for its high accuracy and inclusivity in identity verification, complements Okta’s expertise in secure access and adaptive multi-factor authentication. Together, we are setting new standards for what digital interactions in the public sector should look like.

Our joint solution provides government agencies with tools that are not only top-notch in security but also designed to enhance the user experience. By reducing friction and simplifying processes, we make it easier for the public to access vital services, from social benefits to healthcare, without compromising on security. This approach helps to build a stronger, more trusting relationship between the government and the public, which is essential in today’s digital age. We recently produced a joint webinar in which you can listen to the recording here.

For example, Socure’s predictive analytics platform goes beyond traditional identity checks by analyzing a broad range of data points, from physical documents to digital footprints. This allows for real-time verification that is both thorough and efficient. Okta’s Universal Directory and Adaptive Multi-Factor Authentication add another layer of security, ensuring that only legitimate users can access sensitive information.

At a time when digitizing benefits delivery is needed to reach large subsets of the population and bolstering public trust in government services is paramount, these solutions work together to provide key benefits, including:

  • Auto-approval of more eligible individuals (98% for mainstream populations and up to 94% for hard-to-identify populations, including Gen Z, millennial and new-to-country individuals)
  • More effective fraud prevention, capturing 90% of third-party identity fraud in the riskiest 3% of users
  • Reduction of manual reviews with fully automated identity verification and fraud prevention, with a response in milliseconds
  • Fast time-to-value with easy, secure connections across a variety of applications and on the cloud
  • Comprehensive approach to security with audited infrastructure and process
  • Reduction of the burden of password management with simple, passwordless MFA options
  • A variety of flexible authentication options that nearly everyone can use

By pooling our capabilities, we will help reduce the cost, burden, and friction generated by today’s pervasive attacks and deliver a better consumer experience without making it harder for people to interact with government services.

Watch our webinar to learn more about how successfully verifying identity requires a multi-layered approach.

Google and Okta Partner to Modernize Identity Management in Higher Education

Posted on by
Reply

Online collaboration is an essential part of the workplace and the educational sphere. To ensure this collaboration is done securely, Okta and Google have partnered to enhance and automate identity management at scale.

Okta is a neutral, AI powered, extensive platform that puts identity at the heart of any IT stack. No matter the industry, use case or level of support needed, Okta facilitates Identity Access Management (IAM) while keeping security at the core of the integration. Google Workspace is a collection of collaboration tools, and with more than three billion users, it aims to meaningfully connect users to facilitate partnerships and growth. While identity management can be complex, it does not need to be. Together, this partnership makes the path towards modern identity management as neutral, simple, secure and straightforward as possible.

With their recent partnership, customers can now:

  • Automate identity processes at scale
  • Unlock productivity with optimal security
  • Collaborate with each other, seamlessly and securely
  • Use their Google credentials across over 7,500 different apps
  • Gain cross-platform login privileges across Google Workspace and Okta
  • Access accounts with new, simplified user permissions and automated access management

Every organization strives to modernize and adopt cloud technology. This is also true within the higher education market, which is continuing to refine the trend of remote and hybrid learning following the pandemic. The applications and resource solutions that Google provides to higher education, along with the integration of Okta’s IAM capabilities, is immensely beneficial to the agency’s journey in adapting modern cloud technology and security.

Leading the Modernization of Identity Management in Education

Okat Google Higher Education Partnership Blog Embedded Image 2024

With the influx of hybrid and online learning, higher educational institutions are still learning how to orient solutions towards online learning and teaching. From an IAM perspective, higher education is one of the most complex environments with regards to the vast array of users. Within one network, an institution has faculty, staff, professors and a yearly lifecycle of students that range from applicants to alumni. The process of onboarding and offboarding students and faculty can be time consuming and requires multiple digital programs to facilitate. Okta provides a frictionless onboarding and offboarding experience for administrations that deal with changes in the student body. There are also external users such as partners, contractors and subcontractors, such as medical centers and food providers, that universities must consider. Okta’s open, neutral and independent identity platform can integrate with technologies commonly used by institutions, such as Enterprise Resource Planning (ERP) and Student Information System (SIS), allowing universities to build off of software they are already using. Depending on the role of the individual accessing the software, the identity gains access to personalized experiences.

Okta offers the capability to combine and manage various groups and processes in a single, secure platform. The partnership between Okta and Google enhances the student experience from their perspective, too. Okta’s single platform can solve student-specific challenges, such as managing multiple accounts and logins across an array of learning tools, enabling smoother daily operations and access. With cross platform log in, students can securely access Google Chatroom and Classroom features with IAM capabilities. By implementing Google Cloud capabilities into daily functions, higher education institutions can create a more modern experience for students while reducing costs. For example, artificial intelligence (AI) virtual agents are used to answer student questions and direct them to services, and mobile apps are utilized for mental health check-ins and other well-being services.

How Okta and Google uphold Zero Trust and Cybersecurity

Identity is one of the key pillars within the Cybersecurity and Infrastructure Security Agency (CISA)’s Zero Trust Architecture (ZTA). Okta upholds Zero Trust principles by ensuring that through methods such as multi factor authentication, the person gaining access is who they say they are. By only allowing access to devices that are up to date, Okta prevents bad actors from hacking older systems with commonly known security vulnerabilities. By sustaining a strong ZTA baseline, Google and Okta establish a secure experience for students, staff and faculty.

Okta gives customers a neutral, powerful and extensible platform that puts identity at the heart of information technology (IT) stacks. No matter what industry, use case or level of support is needed, Okta has customers covered. Okta and Google integrate with technology partners, alliance partners and vendors to uphold and exemplify security principles. In doing so, they ensure that every user on campus networks are safe and secure.

To learn more about Okta and Google’s partnership and the benefits to cloud and IAM security, visit the Carahsoft-hosted webinar on the company’s newfound partnership: Securing Productivity with Google Workspace + Okta.

Contact our Okta solutions experts today to discover the power of Okta and Google together, and how these industry leading organizations can support your higher education initiatives.

Improving Government CX Services to Build Trust Amongst Customers

Posted on by
Reply

In the Private Sector, customer experience (CX) is characterized by applications that serve as a single-stop service for customers. These expectations have trickled from the commercial digital world into the Public Sector, with the exception that co-designing services that keep up with the public’s needs and priorities is non-negotiable to rebuilding trust. High Impact Service Providers (HISPs), Federal agencies that the Government has deemed as having critical value due to their public-facing services, aim to mimic the single-stop layout by creating an all-encompassing CX in the Public Sector. This way, the public sees the Government as seamless and unified, and different Government agencies as parallel to each other.

Customer Experience Built on Trust

Unifying services can reduce challenges the public faces when accessing them. Time is lost due to slow modernization that would otherwise improve interactions with customers. In the past, to access services, individuals may need to take off work, which may lose them income. They may need to travel to a far location, may forget vital documents at home or may have to account for child care. These considerations which come at the expense of the public can be attributed to a “time tax” that burdens Government customers. However, with the shift to online services, customers can update their information quickly and easily on their own time. It is important to note that HISPs are moving to a digital-first, but not digital-only strategy. This means that although all services will be provided online, there will still be in-person options for those who do not have access to a dependable connection or for services that can require in-person help. By providing a variety of reliable, time and cost-effective services, Government agencies can ease usability and build trust with customers.

Okta HISP Customer Experience Series Blog Embedded Image 2024

Agencies with new, modernized websites can build trust in the Government. Conversely, a rushed website with too much downtime can lead to a user’s inability to access essential capabilities. Not every agency has a Customer Experience Officer to help roll out improved CX strategies. Various agencies may be set up differently regarding reporting structure, which complicates counsel. A driver of HISP and other government-wide CX initiatives, the Office of Management Budget (OMB), has released digital experience guidance related to Memorandum M-23-22. With this initiative, the OMB will help agencies choose which public-facing items to invest in and which digital services to optimize for prime CX.  

A fundamental part of CX is the people who provide services. To truly improve customer service, agencies must first improve their employee experience. This means providing secure access to a variety of work models: virtual or in-person, temporary, seasonal or full-time, contractor or agency related. Once agencies understand how to provide a uniform experience across a diverse portfolio of workforces, agencies can train employees to provide uniform CX across a diverse array of customers. 

Technology also plays a key role in the Government’s hope of a trust-filled relationship with those they serve. Consistent branding is one powerful way to unite HISPs across the Government. This can look like each agency placing its logo in the same area of its website. Another way is one authentication mechanism for members of the public to access both their Government account and servicer website. 

A Unified Login

A cornerstone of the Federal Government’s idea around modernizing CX is that there is a simple way for people to access Government services across multiple devices. Login.gov is putting that idea into practice. To shift online, the Government must provide a secure access method for every customer with a goal to move past the need for passwords. The modern generation of customers expect technological services to be available on multiple devices. They also prefer the ability to take a break and pick up where they left off, which requires behavioral analytics to protect users. Each agency will also be required to offer phishing resistant multi factor authentication (MFA) as an option for public users. With proper Identity and Access Management (IAM), whether in the form of single sign on (SSO) or biometric methods to log in, an app can verify that the user accessing sensitive information is the desired recipient. This way, users can gain easy, secure access to their services and information and agencies gain relevant context at the application level that follows Zero Trust principles. 

Empowering CX with IAM

Okta, the leading independent Identity partner, understands that IAM is an integral part of ensuring services are simple, seamless and secure. Furthermore, IAM services can still center CX. Okta has created human-centered design challenge cards to help agencies redesign experiences based on user needs and CX metrics. By synthesizing CX, secure and proper IAM and modern capabilities, the Federal Government can help build trust with the new era of customers. 

To learn more about how Okta’s IAM capabilities aid CX in the Federal Government, watch my interview with Federal News Network to gain insight on building trust with customers. To learn more about how Government agencies can build trust with their customers and improve customer services, view content from Carahsoft’s Government Customer Experience & Engagement Summit.

Okta and ServiceNow: Modernizing Public Sector Operations

Posted on by
Reply

Federal, state, and local agencies and educational institutions are facing a surge in targeted cyberattacks. With increasing return-to-office mandates, they face further challenges balancing security with the need to deliver frictionless experiences for users and systems, both within and beyond the premises of agencies and campuses. Public sector organizations can lean further on industry partners to help them modernize operations to improve cybersecurity, support distributed workforces and users, remain compliant with audit and policy mandates, and, ultimately, better serve the public.

Roadblocks to Modernization

To modernize operations, agencies and institutions need to transition from legacy systems to cloud-based tools. Creating collaborative, seamless, and secure work environments that not only attract and retain top talent but also comply with key audit and policy mandates is necessary.

But building this kind of robust environment that can securely support mission-critical work isn’t easy.

Okta ServiceNow Modernizing Public Sector Operations Blog Embedded Image 2023

For one, as the public sector implements cloud-based tools that deliver modern, continuous digital services, they must also ensure the new technology works seamlessly alongside existing processes. And securing work environments both in-office and remotely has never been more challenging, with a 40% increase in cyberattacks against government and public service organizations from Q2 2023 to Q3 2023. Unfortunately, busy IT teams’ resources are too often spent completing manual work instead of implementing changes needed to focus on the high-value work that propels their missions.

How Okta and ServiceNow Solutions Help With Modernization and Automation

Okta and ServiceNow solutions enable agencies and institutions to overcome these obstacles by providing tools that enhance security, modernize operations, comply with strategic policies, and improve service delivery to meet critical mission goals.

Together, Okta and ServiceNow help with:

  • Identity and access management: A centralized Identity solution offers a complete view of users and phishing-resistant authentication to protect accounts from cyberattacks and least-privilege access. This gives users just the right access at the right time for the right purposes.
  • User lifecycle and workflow automation: Advanced algorithms and customizable templates streamline onboarding and offboarding for IT teams, reducing time-consuming work, eliminating manual, repetitive tasks, and increasing productivity.
  • Compliance and policy oversight: Detailed logs and refined reporting capabilities perform automated compliance checks, and policy enforcement mechanisms help reduce the risk of non-compliance.
  • No-code automation: No-code/low-code automation enables IT teams to quickly launch modern services while still adhering to Zero Trust integrations.
  • Risk management and monitoring: Advanced analytics and real-time reporting enable continuous visibility of all systems, improving service availability and accelerating incident response that can better protect the sensitive information of public sector organizations.
  • System integration: API management and middleware tools enable seamless integration with automated data exchange to improve communication and reduce errors.

Why Okta and ServiceNow are Better Together

These solutions combine ServiceNow’s expertise in policy and compliance management and internal and vendor risk management with Okta’s expertise in Identity and access management, such as single sign-on (SSO) and multi-factor authentication (MFA).

More specifically, with a rich, bidirectional integration, Okta and ServiceNow work seamlessly together, empowering public sector organizations to modernize and automate their services to support their evolving missions with:

  • Okta Integration Network (OIN)
  • ServiceNow Security Incident Module
  • StateRAMP Ready authorization
  • FedRAMP High authorization
  • Department of Defense Impact Level (IL) 4 and IL5 workloads

Contact our team today to learn more about about how, together, Okta and ServiceNow provide the public sector with an open, future-ready platform to automate, secure, orchestrate, and simplify their workflows.

Okta and GovSlack Bring Digital-first Environment to Government

Posted on by
Reply

Digital transformation is all around us. From how we shop to where we work, digital-first environments are the new normal. While the private sector quickly adopted collaborative, digital workspaces, the pace is a bit slower for government agencies – and for good reason.

Higher levels of security and compliance are required in government work, yet agencies still feel limited by the legacy systems in place. To transform into a digital-first workspace that promotes collaboration and improves communication among agencies and contractors, government agencies need flexible, inclusive technology that doesn’t sacrifice cybersecurity.

Modernize with a digital command center

Okta + GovSlack Digital-first Environment to Government Blog Embedded Image 2023

Okta integrates with GovSlack to help the government modernize how work gets done. The centralized digital headquarters provides frictionless, secure access and helps agencies increase productivity, security, governance, and end-to-end workflows.

GovSlack was launched to allow for secure collaboration. Okta’s Identity and access management (IAM) policies throughout GovSlack meet the security and compliance needs of intra- and cross-functional government teams and contractors.

Top five reasons to modernize with Okta and GovSlack

Here are some of the top reasons agencies can benefit from the Okta and GovSlack solutions:

  1. Share information with external agencies and contractors in real time: Slack Connect allows agencies to extend the benefits of their centralized, digital workspace to both internal and external team members in real time. This helps reduce the need for meetings and follow-ups. Okta’s IAM capabilities throughout the platform remove siloed Identity security across the extended enterprise.
  2. Access growing library of integrations: Okta’s secure and seamless integration with GovSlack and a growing number of high-security versions of the most commonly used business applications protect the government’s highest-value assets.
  3. Meet strict compliance and security requirements: Okta’s FedRAMP Moderate Identity solution includes features and capabilities available throughout GovSlack that are designed to strengthen the security posture of government agencies. Okta’s trusted security capabilities meet Zero Trust architecture (ZTA) and the Cybersecurity and Infrastructure Security Agency’s (CISA’s) Identity pillar, helping agencies bridge on-premises assets to the cloud with a unified and automated Identity-driven access layer.
  4. Create a frictionless workforce experience: IAM tools from Okta, like phishing-resistant Multi-Factor Authentication (MFA) and biometrics, allow users to easily access the secure platform from any location or device. Granting permissions and access controls at scale is simple through GovSlack’s enterprise-grade admin dashboard.
  5. Launch into the future of modern work: With security measures offered by Okta and GovSlack, agencies can incorporate a secure, cloud-based digital headquarters into all aspects of their daily work. With a secure digital workspace in place, agencies can reduce time spent building on-premises solutions, breaking down information silos, improving collaboration internally and externally, and opening the door to more possibilities when all stakeholders have access to the same workspace.

Download our Solution Brief to learn more about Okta, the federal Identity solution for high-impact applications, and GovSlack, the designated “digital headquarters” for many government agencies.

A Guide to Building Constituent Engagement

Posted on by
Reply

In the past two years it seems like every function that could be done remotely was, and state and local agencies scrambled to ramp up digital services. Although organizations stepped up to the challenge in impressive ways, the situation was chaotic. Two of the experts we interviewed for this guide described elements of digital outreach as “the Wild West.” But now that the initial rush has passed, it’s time to look at how those community engagement initiatives contribute to the larger project of connecting — and building trust — with constituents. Although governments offer more ways than ever for constituents to engage, there’s still work to do. In this guide, leaders from state and local agencies share their challenges, solutions and recommendations for reaching residents in a digital and hybrid world, and industry experts offer their thoughts on the current landscape. Download the guide to learn how to improve accessibility, reach constituents and address various digital divides.

 

In San Francisco, Accessibility Means Better Engagement for Everyone

“Understand that accessibility helps everyone. Don’t assume you know who’s disabled, or what accessibility resources they’re using. Recognize that there are people whose impairment may be less apparent but who still benefit from accessibility measures. ‘It’s not a separate thing for a separate group of people,’ Kaplan said. Build accessibility into the whole organization. Don’t confine the work of accessibility to an office like MOD. Agencies need to develop their own internal expertise to deal with the more predictable accessibility issues in their work. Save the experts for when something complex comes along.”

Read more insights from Deborah Kaplan, Deputy Director of Programmatic Access in the San Francisco Mayor’s Office on Disability.

 

IIG GovLoop SLG Guide Blog Embedded Image 2022How Automation Supports Better Community Engagement

“It might seem obvious, but the goal of constituent engagement is to get services to the people who need them and to include resident voices on policies that affect them. But often state and local government workers spend too much of their time wrangling incompatible systems, struggling to get data, and meeting reporting requirements. And while they’re doing that, they’re not serving the community. One way to lighten the burden is to automate time-consuming, repetitive processes. Another strategy is to provide platforms where people and processes can work together seamlessly.”

Read more insights from Craeg Strong, Chief Technology Officer at Ariel Partners.

 

Social Media Gives an Oklahoma Agency Its Voice

“In 2020, the Oklahoma Department of Wildlife Conservation adopted a unique—and often delightfully irreverent—approach to its use of social media. In lieu of the dry language so typical of government communications, the agency uses Twitter, Facebook, TikTok and Instagram to reach constituents through a mix of quirky humor, fun facts, and attractive photos and videos. The digital outreach works, and it’s a model for other agencies. The agency depends on communicating with and growing its target audience because it receives no state tax appropriations and is funded entirely by hunting and fishing licenses.”

Read more insights from the Oklahoma Department of Wildlife Conservation’s Communication and Education Supervisor, Kelly Adams, and Communication and Education Specialist, Smokey Solis.

 

A Trust-Engagement Model: Intuitive, Sequenced and Service-oriented

“Democratized analytics is the technological capability that enables data workers of various technical skill levels to leverage data and share its insights with other employees of various skill levels. Put simply, it’s analytics accessible for and inclusive to all. Unified analytics is technology that allows data workers to perform the entire analytic life cycle in one place. From data prep and blend, which identifies and combines data for descriptive, predictive and prescriptive analytics, to machine learning, an advanced form of AI that gets smarter over time — unified analytics allows a range of data transformation processes to be done in a single location, no matter the data source or type. No-code/low-code analytics is analytics that does not require coding skills to prep, clean, analyze and share data. And we’re not talking spreadsheets here.”

Read more insights from Alteryx’s Director of Solutions Marketing for the Public Sector, Andy MacIsaac.

 

Let’s Get Back to Basics for Collaboration

“Leveraging data can lead to more sequenced services, more graceful engagement, and the best outcomes for constituents. An optimal sequence, with natural steps between services, is cost-effective for both the user and agencies. That’s Red Hat’s focus as it works with agencies to implement open hybrid cloud approaches that integrate data, modernize system components and transform legacy systems. Cloud-based datasets that are accessible to agency personnel can help significantly. In recent years, Red Hat assisted the Tennessee Department of Human Services modernize to deliver better constituent experiences. The department wanted to improve the continuity of platforms, set open standards, and use adaptive, flexible, and broadly accessible technologies.”

Read more insights from Kevin Tunks of Red Hat.

 

(Contact-Free) Human Touch Helps Transform a Riverscape

“The city of Middletown, Connecticut, is focused on a decades-old goal: to revitalize and redevelop the riverfront. The underused Harbor Park area along the Connecticut River has great potential for residential, commercial and recreational use. But in the past, the city struggled to get feedback about the project from many stakeholders and constituents. That created a problem: How could the city design a community space without the input of the community? The Return to the Riverbend campaign, launched in fall 2021, yielded community input that the city used to create a master plan, released the following summer, for a new riverfront area.”

Read more insights from Brianna Skowera, Director of Information Systems for Middletown, Connecticut.

 

The Link Between Experience and Trust

“Think about a recent online interaction. Maybe you were buying something or applying for something. How did the experience make you feel? A great online experience is simple, fast and reliable. And when that great experience is consistent, it builds trust. That’s why it’s crucial to understand the link between government service and trust, said Dean Scontras, Vice President of State, Local and Education at Okta. ‘State and local agencies are modernizing their technology and transforming the way they serve their residents,’ Scontras said. Identity and access management (IAM) are critical infrastructure for digital services.”

Read more insights from Dean Scontras, Vice President for State, Local and Education at Okta.

 

North Carolina Breaks Down the Digital Divide

“Think of ‘digital divide,’ and it’s likely that a lack of access to internet connectivity and/or devices comes to mind. That’s certainly part of it. But the North Carolina Division of Broadband and Digital Equity adds another aspect: digital literacy. What good is a connected smartphone if you don’t know how to use it? Annette Taylor, Director of the division’s Office of Digital Equity and Literacy, understands. Her 72-year-old mother has a computer but is reluctant to use the internet. That became problematic during the pandemic when a digital pay stub was the only way she could see how much ‘COVID pay’ she was earning from her temporarily shuttered employer.”

Read more insights from Annette Taylor, Director, Office of Digital Equity and Literacy at the North Carolina Division of Broadband and Digital Equity.

 

How Voice Recognition Can Improve Constituent Satisfaction

“Today, every government organization needs to be where the public is — and that means being everywhere. Meeting customers on voice, digital, and messaging channels, and providing a consistent, contextual, convenient experience across every one. In one case, Nuance worked with a government agency that was struggling to handle incoming calls. They answered less than half, with the others getting a busy signal or a message asking them to call back later. Using Nuance’s solutions, they’re now able to answer all their incoming calls, and nearly half are handled within the interactive voice response (IVR) system. ‘Citizens are calling in, getting the information they need, and never talking with a customer service rep,’ Brodsky said.”

Read more insights from Nuance Communications’ Regional Vice President, Government Sales, Russell Brodsky; Senior Principal, Industry Solutions Marketing and Strategy, Vance Clipson; and Director of Professional Services, Joseph Solt.

 

San Antonio Deepens Trust With Constituents

“Let’s say you launch a constituent engagement initiative and within one year you see a significant rise across various metrics: website hits, comments received and event registrations. Do you call it a success? For Alanna Reed, San Antonio’s Director of Communications and Engagement, numbers tell only part of the story. San Antonio launched an initiative called SASpeakUp in 2015 to gather better input on the city’s budget and its services. Although the city held public meetings for that purpose, city officials noticed that the same people were attending all of them. Through SASpeakUp, they provided numerous channels for input, including a website, social media and in-person meetups.”

Read more insights from Dean Scontras, Vice President for State, Local and Education at Okta.

 

Download the full GovLoop Guide for more insights from these state and local government thought leaders and additional government interviews, historical perspectives and industry research on the future of data.

A New Era in Government Cybersecurity

Posted on by
Reply

Securing government systems was a complex undertaking even before the pandemic. In response to that crisis, agencies rapidly deployed cloud technology, mobile devices and collaboration tools for remote employees — and added new vulnerabilities and IT management challenges to an already long list of cybersecurity priorities. Malicious actors have taken note of the new opportunities and continue to mount increasingly sophisticated attacks on government systems and critical infrastructure. To keep pace with those risks, government teams need multifaceted yet holistic strategies that address a wide range of threats to network endpoints, identity and access management, and data. In addition, agencies must strike the right balance of productivity and security for a mix of on-site and remote employees — a key concern of 75% of the respondents to a recent FCW reader survey. Fortunately, zero trust has been gaining traction because of its ability to address key challenges related to identity management, endpoint security and data protection. Interest in zero trust has skyrocketed thanks to a mandate in the Biden administration’s 2021 Executive Order on Improving the Nation’s Cybersecurity. But although zero trust can play a key role in ensuring that only authorized users have access to IT systems and data, it doesn’t always protect against human mistakes. In addition, security responsibilities have crossed traditional internal boundaries, and agencies are finding that they need to unify the priorities of security teams and mission owners. Learn how agencies can continue to evolve cybersecurity architecture and strategy, given the increased attack rate and creativity of malicious actors in Carahsoft’s Innovation in Government® report.

 

The Power of Real-Time Cyber Intelligence  

“Government agencies are realizing that if they are going to mitigate cybersecurity risks and respond to breaches more quickly, they need access to real-time operational intelligence. However, they also recognize that their security products and intelligence sources must be readily integrated. A security operations center (SOC) can’t function when it has 50 products that don’t talk to one another and whose data can’t be easily fused and normalized. Many organizations try to manually corroborate a notable  security event with other data, such as external threat intelligence, feedback from an endpoint detection and response platform, or information from the Department of Homeland Security. A manual process is slow, inefficient and ultimately doomed to failure.”

Read more insights from Splunk’s chief cybersecurity advisor for public sector, Paul Kurtz.

 

Treating Identity as Critical Infrastructure  

“Agencies can assess the state of their identity infrastructure by continually asking whether they are delivering the right capabilities to their employees, the public and other customers and whether they are doing so in a way that matches how people live and work today. We all have high expectations for capabilities and usability because of our daily interactions with smartphones. We’re used to conducting our business quickly and efficiently, and agencies should likewise be building enterprise systems that support the fast and efficient delivery of government services. Furthermore, agencies should build those systems with a line of sight to the future.”

Read more insights from Okta’s federal chief security officer, Sean Frazier.

 

IIG FCW Cybersecurity September Blog Embedded Image 2022The Importance of Future-Proofing Cybersecurity  

“Access control through multifactor authentication is an important aspect of both directives. The combination of username and password is not sufficient to secure access to IT systems. Agencies also need to deploy strong multifactor authentication that relies on some type of hardware- or software-based token for granting access to the environment and then to the data. Furthermore, the White House executive order mandates the protection of data through encryption not only when it is at rest but also when it is moving to and from the network edge and beyond.”

Read more insights from Thales TCT’s deputy CTO, Gina Scinta.

 

The Game-Changing Nature of Cyber Resiliency

“The COVID-19 pandemic prompted the largest modernization effort the government has ever seen. However, in addition to the many benefits of that modernization, hybrid work environments have added an ever-growing number of endpoints and created new identity-based vulnerabilities for attackers to exploit. Agencies can be more strategic in their approach to endpoint security by focusing on cyber resiliency. Although the term has been around for several years, it has been emphasized recently by the National Institute of Standards and Technology (NIST).”

Read more insights from SentinelOne’s vice president of federal sales, Todd Helfrich.

 

 Galvanizing Agencies into Action on Cybersecurity

“The Executive Order on Improving the Nation’s Cybersecurity has spurred agencies to modernize the way they protect IT systems and data. Now there is a shared commitment to the steps that IT leaders should take, and agencies have been galvanized into action. For example, zero trust was mostly just a buzzword for agencies prior to the executive order, and now it is something that federal agencies are seriously exploring. They’re going beyond reading whitepapers to asking for vendor demos and testing ideas.”

Read more insights from Cribl’s senior director of market strategy, Nick Heudecker.

 

Aligning Your Digital Collaboration to Zero Trust

“Guest access provides people outside your organization access to content inside your M365 workspaces (i.e., Teams, SharePoint and Groups). A health care-focused agency could use guest accounts to collaborate with grantees and their site staff or academic researchers. A defense-focused agency could use guest access to coordinate with local law enforcement to plan incident response or correspond about special event planning. Despite the benefits, agencies need policies and reporting when using features like guest access to ensure your information stays protected.”

Read more insights from AvePoint’s director of federal strategy for public sector, Jay Leask.

 

Download the full Innovation in Government® report for more insights from these digital transformation thought leaders and additional industry research from FCW.

Okta’s Secure Identity Roadshow Explores the Latest in Modern, Cloud-based Identity Modernization and Access Management

Posted on by
Reply

What Vistors Need to Know

Identity is the foundation of every public service, and it is more important than ever to protect against fraud. Okta supports your organization’s efforts for API authorization policies based on application, user context, and group membership to make sure only the right people get access to the right information. Okta’s Secure Identity Roadshow, visitors will discover how their organization can safeguard against bad actors while optimizing the digital customer experience.

Throughout the roadshow, public sector thought leaders and speakers will cover topics such as the latest in modern, cloud-based identity and access, how to control and secure sprawling APIs, simplifying the user experience and growing modernization for government organizations. Visitors will also have a chance to learn from their local Okta partners on how to fight against fraud, waste and abuse and how your organization can leverage Okta’s identity solutions.

What does IT modernization mean for your organization? At the top of the list, better digital services and stronger cybersecurity are a great start, but agencies need big improvements in efficiency and reliability too. Where can your organization start? With identity.

Join our roadshow in a city near you:

Okta and LexisNexis: Fighting Fraud Together

Okta Secure Identity Roadshows Blog Embedded Image 2022

At the start of the pandemic, public sector agencies faced immediate changes like a fully remote workforce and overworked, outdated systems. This combination led to a severe lack of preparedness against fraudsters seizing their chance to infiltrate the vulnerable situation at hand. In the future, what can organization’s do to prevent fraud before it happens?

Okta and LexisNexis offer a solutions guide for mitigating these risks with multiple benefits any public organization can take advantage of. With Okta and LexisNexis Risk Solutions, agencies can better prevent, detect and investigate fraud while keeping the service experience frictionless.

With this guide, agencies can learn to:

  • Verify citizen identities continuously
  • Utilize one identity platform for all
  • Adopt digital identity verification that learns over time
  • Own a complete and powerful solution to fight fraud

The alliance between Okta and LexisNexis enhances public trust in the government’s digital services by reducing fraud through:

  • Managing identities and access from the cloud, freeing staff to focus on helping constituents in need
  • Once initially proofed, offering continued identity protection with strong yet simple, multi-factor authentication to ensure users are who they say they are

To learn more about the partnership between Okta and LexisNexis and how it can support your organization’s efforts against fraud, view these additional resources:

Interested in attending a roadshow in your area? Don’t forget to register for your local event!

How Okta, CrowdStrike, and Zscaler Are Better Together

Posted on by
Reply

In the face of a widening threat landscape and increased numbers of cybersecurity attacks in both the public and private sectors, the United States federal government is required to take action through several executive orders and memorandums. To keep pace and outsmart ever-evolving cybercriminals, modern security measures must include robust enforcement of identity, device, and network/environment.

Responding to Cybersecurity Threats

Federal agencies are working hard to prioritize cybersecurity and safeguard the public and workforce—and for good reason. In the first three months of 2022, 92% of data breaches were the result of cyberattacks, as reported by the Identity Theft Resource Center (ITRC), making 2022 the third consecutive year that data breaches have increased compared to Q1 of the previous year.

Okta + Zscaler + Crowdstrike Better Together Blog Embedded Image 2022

In addition to other laws, policies, and recommendations, such as FedRAMP, federal agencies are now required to use vendors that meet Cloud Smart initiatives after the release of Executive Order 14028 on Improving the Nation’s Security (EO 14028). Federal agencies also need to pay attention to Memorandum M-22-09, “Moving the U.S. Government Toward Zero Trust Cybersecurity Principles,” issued by the Office of Management and Budget, which outlines key goals they must meet by the September 2024 deadline.

Pursuant to EO 14028, the Cybersecurity and Infrastructure Security Agency (CISA) is required to develop architectural documentation and a cloud-service governance framework, and the National Institute of Standards and Technology (NIST) is required to develop Zero Trust best practices, guidelines, and recommendations.

For these reasons, security technology providers, Okta, CrowdStrike, and Zscaler, offer solutions that, when used together, give federal agencies access to resources that provide protection in the simplest way possible.

By utilizing these security technology providers, federal agencies can make significant progress in building the security posture they need to protect the public and their workforces against current–and future–cyber threats.

Why the Zero Trust Approach?

Zero Trust is not a technology, nor is it a product. It is a strategic, architectural approach to security enabled by technology. It builds on existing security concepts and does not introduce a radical new approach to cybersecurity. The market is driven by the need to protect enterprise digital environments by averting lateral movement, leveraging network segmentation, simplifying granular user-access control, and implementing Layer 7 threat prevention.

Zero Trust approach is a complete shift from the old, legacy security architectures.

On a grand scale, it means federal agencies need to evolve their approach and mindset when implementing security practices. Every area of the organization needs to break out of siloed security approaches and come together for a holistic approach by implementing tools and solutions that improve their security posture at all levels. Adopting Zero Trust means adopting a framework that is agile enough to maintain security measures while adapting to constantly changing environments and influxes of different users.

A Simple Solution: Okta, CrowdStrike, and Zscaler

A complete Zero Trust approach relies on technologies working together. Solutions offered by Okta, the world’s leading identity authentication provider, CrowdStrike, a global cybersecurity leader in endpoint security, and Zscaler, the leader in securing networks and the environment, have technical integrations designed to scale and align with NIST SP 800-207 Zero Trust components—Policy Decision Point (PDP)/Policy Enforcement Point (PEP). This gives federal agencies confidence that, when implemented together, they will also be on their way to meeting three of the five pillars of the Zero Trust Architecture (ZTA), including identity, device management, and network/environment.

Plus, as federal agencies turn to Okta, CrowdStrike, and Zscaler for help tackling these pillars, they can use the solutions to comply with the laws, mandates, policies, and recommendations that are required for the integration and implementation of new technology in their agency’s IT infrastructures.

Supporting the Public and Agency Workforces

Besides helping tackle the first three pillars, Okta, CrowdStrike, and Zscaler can help meet the needs of federal agencies’ workforces and the public at large.

For most federal government agencies, the mission is to serve the public with digital experiences that match the level of quality they’re used to experiencing in the private sector, i.e., digital experiences that are non-intrusive, secure, simple, and scalable. But as federal agencies begin to implement ZTA in their IT infrastructures, it’s crucial that they maintain the quality of these digital experiences and continue to serve the public and workforce. And, when utilized together, the solutions from Okta, CrowdStrike, and Zscaler empower them to do just that.

By bringing federal agencies modern, identity-centric security that’s both agile and scalable, these solutions ensure a security architecture that will not only meet but will exceed the workforce and the public’s expectations for frictionless digital experiences through products such as single sign-on when accessing content.

Complementary Zero Trust Implementation

Okta, CrowdStrike, and Zscaler can help implement a Zero Trust strategy. When these strategies are put to work, federal agencies have the solutions to modernize their security, enabling simplified, centralized identity and context-rich multi-factor access management. In addition, agencies can trust secure service delivery of data and assets, endpoint and ID security, and secure communication and connection between user-app, app-app, and machine-machine.

Download Okta’s Zero Trust Architecture Solution Brief and contact us today to speak to a member of our team and learn more about how Okta, CrowdStrike, and Zscaler can help federal agencies successfully transition to Zero Trust.

IT Modernization for Campus Re-entry

Posted on by
Reply

Many colleges and universities are poised to emerge from the pandemic stronger than they went in. In large part, they have used the last year to accelerate their adoption of online education where it makes sense, keeping the physical classroom time dedicated to experiential forms of learning. A theme among these institutions is the need to understand what the IT infrastructure can support and how well it’s holding up as institutional demands ebb and flow. A Campus Technology “pulse survey” among IT leaders and professionals found that while the impact of remote learning and work made their jobs harder rather than easier (by 11 percentage points), the outcomes have been worth the effort. Four times as many participants agreed than disagreed that their organization’s response to the pandemic was improving the way they deliver services to students, faculty and staff. Learn how your institution can continue to adapt IT infrastructure in Carahsoft’s Innovation in Education report.

 

Mastering the Art and Design of Remote Work

“On a traditional physical computing device like a workstation, PC or laptop, a GPU typically performs all the capture, encode and rendering for power complex tasks, such as 3D apps and video. NVIDIA virtual GPU technology virtualizes GPUs installed in the data center to be shared across multiple virtual machines or users. The rendering and encoding are done on the virtual machines’ host server rather than on a physical endpoint device. The basic idea is to share the GPU functionality with multiple users and give them the same experience as they’d have if they were running applications on dedicated workstations. The advantage is this: Instead of having a one-to-one connection — one GPU per computer — you get one-to-many. The physical GPU runs in a server and the vGPU software dynamically slices it up to allow multiple users to access its power (up to as many as 64 users per GPU).”

Read more insights from NVIDIA’s Senior Product Specialist, Ismet Nesicolaci.

 

Easier Identity and Access Management

“Single sign-on (SSO) has long been a boon for making the authentication process more efficient. Yet, because of their distributed structures, most institutions haven’t gone all the way with SSO. It may be that program control for the identity and access management (IAM) layer is maintained for some applications by central IT and for others by a given college or department. IT may lack the staff to keep up with the programming requirements and/or the sudden influx of new demand. Or the college or university may be working with other institutions, each operating autonomously even as they need to share people, programs and research data. Then there are the security aspects. While SSO makes for a centralized approach to application access, that access also poses a big risk: If a cybercriminal gets unauthorized access through the SSO, they will be able to access all of the associated applications. Embedding multi-factor authentication (MFA) into the login process adds a needed level of protection to authentication processes to keep accounts truly secure. But students are still stuck with multiple logins, and institutions have to try to keep up with a sprawling and complicated IAM system.”

Read more insights from Okta’s Senior CIAM Developer Specialist, Ryan Schaller.

 

Evolving with IT to Support Research

IIE Campus Tech May Campus Re-entry Modernization Blog Embedded Image 2021“While institutions have expressed continuing concern about wobbling tuition and ancillary dollars, one source of revenue remains healthy for higher education: COVID-19 research funded by federal and state programs. The full measure, from community colleges to Research 1s, are at the forefront of projects to develop vaccines; uncover the sources of coronavirus and its evolving replication patterns; create new initiatives for public health response; understand the impact of the virus on various populations; study the physical and mental health and learning effects of prolonged quarantine; and explore numerous other facets.. However, the heightened attention on campus research comes with a continuing challenge: how to keep up with IT infrastructure needs, typically assembled once the grant funding arrives. Since many of these recent grants are shortterm, turnaround time can be tight. In many cases, research teams are going from near-zero infrastructure to running as quickly as possible — and not just serving applications to users, but storing, processing and sharing astronomical amounts of data.”

Read more insights from Red Hat’s Chief Architect for Higher Education for the North America Public Sector, Damien Eversmann.

 

Your Starting Point for IT Optimization

“The university IT shop doesn’t typically head to Best Buy when it’s time to update infrastructure. Acquisitions have to go through internal planning and approval, budgeting and ordering — and it all takes time. Having visibility into usage trends enables the IT department to better plan, thereby preventing gaps in performance and operations and opening up ample time to line up the funding needed. Best-of-breed monitoring takes that a step further, pulling in information from outside sources, so the IT crew doesn’t have to wonder. SolarWinds Network Configuration Manager, for example, links up with the relevant hardware and software to notify you when a vendor has put an end-of-support notice out. If Cisco has issued an end-of-of life message for a given switch, it serves as an early indicator for you to help plan timing of replacement.”

Read more insights from SolarWinds’ Vice President of Product Strategy for Security for Compliance and Tools, Brandon Shopp.

 

Building the Virtualized Student Union

“The IT organization has been at the heart of successful pivoting as remote teaching and learning have dominated. As a result, now that campuses are starting to return to normalcy, administration will rely on IT to continue enabling the work of enhancing the student experience. That’s especially true if, as many experts predict, hybrid or blended learning will forevermore be part of the modernized college experience. Integration is a big part of the solution. Forget about forcing students to figure out the dozens of different apps and websites they need to fully partake of college. IT needs to integrate the learning management platform, digital content, student support services, health and wellness, esports, collaboration, campus calendar and student information — enfolding them into a virtual student union. This idea goes beyond the student portal, which has been around for a long time. What’s new is the idea of marrying systems that may be PC-based, on-premise-based and cloud-based into a single hub and then wrapping that in a blanket of security that’s transparent to the user. That becomes a game-changer for the student experience.”

Read more insights from VMware’s SLED Strategist, Herb Thompson; VP of State, Local, and Education, Doug Harvey; and Senior National Director for SLED Business Development, John Punzak.

 

Accelerating Student Success with AI

“As growth in undergraduate credential earning has come to a standstill over the last year, colleges and universities are seeking new ways to draw in the right candidates while also holding onto the students they have by bolstering student success efforts. Numerous institutions of higher education are finding success in strategic aspects of the academic lifecycle by embedding the use of artificial intelligence and machine learning. There are several areas where Google sees the potential for “quick wins” in student success initiatives: optimized enrollment and admission, such as automating the activities of credit transfer analysis, document analysis and personalized course planning; virtual assistance, for delivering 24/7 online tutoring and support in multiple languages answering common questions about required courses, financial aid and other topical subjects; and student engagement, like tracking engagement and predicting which students are at risk, to maximize retention.”

Read more insights from Google Cloud’s Cloud Strategic Business Executive for Higher Education and Research, Jesus Trujillo Gomez.

 

A Conversation with Jen Leasure

“As everything went online and was done with technology, institutions needed to invest in new solutions to support their researchers, their faculty, their students, their administration, in conducting their business — and with limited budgets. We know that everyone’s been having particular budget constraints, and they’re looking to maximize the benefits of these types of programs and their discounts. This type of program has been especially important during COVID. And remote and hybrid learning isn’t going away, as we know. It’s difficult to foresee a world where hybrid becomes an option instead of a requirement. Folks don’t like options taken away once they’re there. And so, the investment in these types of solutions is going to continue to support future directions. Cloud access especially has become important for institutions to support their students. That’s one area where we have seen a lot of growth in the last year.”

Read more insights from The Quilt’s President and CEO, Jen Leasure.

 

Download the full Innovation in Education report for more insights from these thought leaders and additional industry research from Campus Technology.