NY CIO Council: Federated approach to ID and access management

New York's identity and access management is a jumble of inconsistent processes and weak security measures. A new CIO Council report aims at establishing a non-centralized, federated approach.

New York's CIO Council will release a roadmap document for identification and access management that advocates a federated approach, much like Visa takes for credit card verification, the Digital Communities site reports. The site notes the benefits of this approach:

New York - probably like many states - currently uses a hodgepodge of approaches. A state CIO Council survey found:

  • There's no uniform process for establishing user identification
  • There's no regular recertification of identifications
  • There's no single identification process within an agency, which means too many workers are dealing with too many passwords
  • Passwords are the most common form of identification and access control
  • Some biometrics are being used for IAM
  • The amount of information being shared across agencies and governments is increasing significantly.

 The standards-based federated approach offers fixes for most of these issues:

  • A simpler way to grant and revoke user access to information
  • A reduction in the number of sign-ons and passwords an individual must work with to access multiple systems and databases
  • Greater security when it comes to user access to information
  • The elimination of complex, bilateral data sharing rules and structures between different levels of government.



You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All