A small survey of public sector ‘identity maturity’ in three geographic regions may harbor some clues…

An online survey of 850 IT and line of business decision-makers across, the US, the UK, and Australia/New Zealand in September/October 2021 about trust levels in public sector services has yielded some updated findings amid the long-running COVID-19 pandemic.

Involving the feedback of federal/national and state/local respondents in the three geographic areas, the survey is focused on ‘identity maturity of public sector organizations’ because it is commissioned by identity platform Okta

The research highlights the importance of a centralized identity strategy in putting safe and accessible services into the hands of citizens faster. Key findings include:

  • 17% of respondents were “extremely confident” in the security or ease of use (19%) of their current authentication solution
  • 86% of citizens in the survey used username and password as the most frequent authentication method, compared to 16% who used biometric or passwordless authentication
  • 41% of respondents were currently building their own IAM solution in-house. Of these, 83% cited speed to implementation, and 82% cited using internal staff to manage IAM as two of the biggest pain points.
  • 75% of respondents in government positions were looking to expand their digital services in the next two years
  • 73% of respondents in government positions ranked protecting citizens’ privacy and data as most important when thinking about citizen services
  • Regional analysis shows 71% of US respondents ranking “ensuring citizens’ trust in digital services” as an area of high importance, but 56% of them had less confidence in their organization’s ability to deliver this.
  • In the UK, similar discrepancies in importance versus confidence in delivery included “speed in adding new services” in the UK (66% importance vs. 48% confidence)
  • In the ANZ region, the discrepancies in “improving the user experience” were 72% importance vs. 60% confidence

Stuck with usernames, passwords

Over the past two years of the pandemic, many public sector organizations had grappled with the impact of surges in cyberattacks amid the need to keep public services secure, accessible and user friendly.

Estimated to exert a strong influence on each country’s economy (and making up 30% of the global GDP and 33% of the global workforce), public sectors are under pressure to revive public trust in digital services. From the Executive Order on ‘Improving the Nation’s Cybersecurity’ in the USA, to digital identity and Single Sign-On (SSO) initiatives in the UK and Australia, initiatives to boost public trust in government digital services are struggling.

According to Okta’s Vice President, State and Local Government and Education, Dean Scontras: “Digitalization is likely to continue in light of Zero Trust mandates and mounting consumer expectations. Public sector organizations greatly benefit from bringing their identity management strategy in line with their digital goals. While there is a strong focus on securing citizen data, the vast majority of applications are still protected by a username and password, despite the well-documented security risks.”

The identity platform asserts that government digital transformation should center around an identity-first approach while also laying the foundation for a Zero Trust security model. Key to this approach are modern technologies for identity verification that replace traditional passwords and reduce user friction except when suspicious behavior is detected.