Fed CIO: Use 3rd Party Web Credential Software
In systems and software development sometimes the best implementation path is to choose not to build and manage but rather just buy product off the shelf. In the Federal government, there are clear mandates to move applications to the cloud if possible and use 3rd party software whenever possible as a cost savings means.
The Fed CIO Steven VanRoekel has suggested that federal agencies should prepare to accept identity credentials provided by third parties as an alternative to managing their own identity credentialing systems as a cost-saving measure.
Today, people who interact with the government online must register an identity with a federal website. The agency must maintain many backend systems to manage the online identities.
There are clear documented benefits to using externally-issued identity credentials, including decreased burden and reduced operating costs for federal IT systems, as well as cost avoidance for the agencies, VanRoekel wrote in a memo to federal CIOs.
In the memo, VanRoekel provides guidelines for agencies on when they must begin accepting third-party credentials, and names several providers of credentialing systems and trust frameworks that have been accepted for those purposes.
VanRoekel's memo was published online by the Kantara Initiative, a trust framework provider named in the memo as one of about a dozen providers of credentialing services that have met federal guidelines.
As an example of success, VanRoekel offered the National Institutes of Health’s PubMed2 website of biomedical studies, which has been utilizing externally-issued credentials for access since June 2010, VanRoekel wrote in the memo. More than 72,000 users have accessed PubMed2 by registering and utilizing third-party credentials.
“NIH estimates that its identity management initiative will result in cost avoidance of more than $2.98 million for fiscal years 2011 through 2015,” VanRoekel wrote in the memo. “These savings will result from not having to manage user IDs and passwords for external users across approximately 50 systems.”
Enjoyed the article?
Sign-up for our free newsletter to kick off your day with the latest technology insights, or share the article with your friends and contacts on Facebook, Twitter or Google+ using the icons below.