EN TE RP RISE
SPONSORED REPORT
 OUTL K
   Identity and Access Management
if he or she logs in from an unusual location, the system might require the use of a second authentication factor.
An IAM system can also stream- line the user experience by linking an individual’s attributes across multiple identity management systems. Single sign-on is a subset of that approach. And agencies aren’t just applying it to employees. They’re also recognizing the value of using SSO to give external partners and citizens access to online resources.
“Single sign-on is often described as a very simple use case: Can people use it to get access without using their passwords again?” says Karlinsky. “But
to the right applications,” says Karlinsky. And those entitlements should be automatically updated when employees’ roles change or they leave the organization.
Mobile access is another piece of the puzzle. Andrew Whelchel, senior sales engineer at Okta, advises agencies
to look for IAM platforms that can support both the traditional web-based protocols and mobile SSO technology. The search for solutions that are easy to use,  exible, and comprehensive
is bringing many agencies to cloud- based IAM, or Identity-as-a-Service. This approach is also well-suited to citizen-focused activities because it
security and identity expertise. The best solutions let agencies aggregate authorization accounts into a central repository where they can be more easily managed. Integration with other applications is also essential for striking a balance between security and ease
of use. That means having connectors from the IAM system to on-premises and cloud-based applications as well as VPN infrastructures.
As IAM continues to evolve to
meet the challenges of identity in an increasingly digital world, Whelchel believes individuals will eventually have more ownership over their credentials. “There are standards coming now,
such as the FIDO Alliance’s U2F, where you can take your identity with you,”
he says. “You could bring your own multi-factor authentication to whatever services you need, whether they were issued through your employer or a digital government service.”
And Karlinsky predicts a strong future for biometric multi-factor identity management. “Biometric investments—combined with remote, low-friction identity proo ng—are going to open the doors to more secure
employee and citizen services.”
Okta is the leading independent provider of identity for the enterprise. The Okta Identity Cloud connects and protects employees
of many of the world’s largest enterprises. It also securely connects enterprises to
their partners, suppliers and customers. Okta helps customers ful ll their missions faster by making it safe and easy to use the technologies they need to do their most signi cant work.
For more information, please visit: okta.com
“You can’t log in to an application if you don’t have an account, so what’s really important for single sign-on is automating the creation of those accounts and the provisioning of those accounts with the right entitlements to the right applications.”
—Eric Karlinsky, director of technical marketing at Okta
we think there’s a lot more to some of the latest developments.”
For example, an SSO dashboard that lets users seamlessly log in to all their applications could also simplify other activities by helping them securely store notes or passwords
for personal applications or by giving administrators the opportunity to improve user productivity. And as SSO evolves, it both facilitates and relies on automation.
“You can’t log in to an application if you don’t have an account, so what’s really important for single sign-on
is automating the creation of those accounts and the provisioning of those accounts with the right entitlements
can expand and contract depending on sporadic demands or spikes tied to a particular time of the year, such as tax season.
Customer satisfaction with the sign- on process should be a key concern. “If you think about employees as having
a short attention span or a low level of tolerance for user friction, multiply that by 10 for citizens,” says Karlinsky. “They can walk away and choose not to use the service. So a high-quality end-user experience and a very fast on-boarding capability are really important.”
IAM gives agencies the freedom to focus on building the service they want to provide to citizens, while bene ting from the vendor’s