In northern Virginia, a ransomware hack targeting the state’s traffic management system made it clear that it was time to beef up VPN security. For the state of Illinois, the issue was siloed technology operations within agencies that made it difficult for employees and residents to access tools and services.
The challenge for the city and county of Denver was what the government’s chief data officer described as multifactor authentication “sprawl.”
While each organization had to deal with its own problems, their IT teams all came to the same conclusion: They had to do better with identity and access management.
“I’ve never seen so much interest in this topic,” says Wolfgang Goerlich, Cisco’s advisory CISO for Duo, an identity and access management platform that both Denver and the Virginia Department of Transportation now rely on for protection from cyberthreats. “The big picture is that zero trust has become a mandate at multiple levels, and agencies are turning to identity and access management as one of the quickest paths to success.”
States Turn to Single Sign-On to Share Employee Resources
The state of Illinois ultimately picked the Okta Identity Platform solution to centralize services under a single sign-on. Okta is a cloud-based platform many governments initially deploy to simplify security for their workforce, says Dean Scontras, vice president for state and local government and education at Okta.
“It’s really about reducing friction,” he says. “A lot of states, for example, don’t have a central identity group that says, ‘Thou shalt use this,’ and the result is that they have different solutions and logins at their different agencies.”
That can be frustrating for employees and contractors who need access to applications across multiple government departments. The same goes for citizens hoping to leverage agency resources: It’s not conducive to a seamless experience.
“What often happens is they’ll try it with their workforce and then realize it can benefit residents too,” Scontras says.
For a citizen who wants to pay annual taxes, renew a driver’s license or apply for a hunting license, “all of that suddenly becomes much easier when everything you need is behind one login.”
SaaS Products Bolster IT Visibility for Government Agencies
Multifactor authentication is key to Okta’s user identification protocol, Scontras says; Goerlich says the same is true for Duo. The solution supports a variety of second-factor options, including push, U2F and WebAuthn. Like Okta, Duo offers single sign-on to streamline access to applications.
Organizations turn to Cisco Secure, a Software as a Service offering, both because it’s relatively easy to implement and because it tends to reduce the workload for IT once it is up and running, Goerlich says.
“We’ve spent a lot of time on the design and user experience to make the sign-on process as simple as possible,” he says. In terms of the security and administration side of things, it gives IT visibility into everything from the devices and applications people are using to how they were authenticated when they logged in.
Administrators manage the platform through a central portal, Goerlich adds, and many use the information it provides to “make decisions around how to spend their time so they can optimize support for users and their devices.”
Click the banner below to gain access to specialized content as an Insider.
SSO Solutions Contribute to Cost-Effective Operations
In a recent Cisco Secure survey of nearly 5,000 IT and security professionals, those that reported a mature implementation of the zero-trust security model were three times more likely to say their organizations were running cost-effectively, Goerlich says.
“That’s right in line with what we’re hearing on the ground when we talk to the state and local agencies we’re working with,” he says. “Duo allows them to work more efficiently and with less IT management overhead.”
That’s been especially important over the past few years as many agencies adapted to the pandemic by allowing employees to work outside the office. By providing IT teams with the tools they need to secure devices, regardless of their location, Duo makes such flexibility possible.
“It’s one of the benefits of modern IAM,” Goerlich says. “Above and beyond zero trust, it enables consistency of service everywhere.”
MORE FROM STATETECH: 3 best practices for state agencies to strengthen identity protection.
