New Research Reveals Public-Sector IAM Weaknesses and Priorities

Auth0 Public Sector Index shows that governments are struggling to provide trustworthy online citizen services.

January 12, 2022

4 Min Read

PRESS RELEASE

BELLEVUE, Wash.--(BUSINESS WIRE)--Auth0, a product unit within Okta (NASDAQ: OKTA), today released the findings of its first Public Sector Identity Index, a global research report that provides government technology leaders with insight into the identity maturity of public sector organizations around the world. The report highlights the importance of a centralized identity strategy in putting safe and accessible services into the hands of citizens faster.

Over the past two years, many public sector organizations were prompted by the immediate need to deploy digital infrastructure to maintain continuity of their services amid the COVID-19 pandemic — such as offering citizens license renewals online and virtual education — and are now grappling with the impacts on cybersecurity and user experience. From the Executive Order on ‘Improving the Nation’s Cybersecurity’ in the U.S., to digital identity and Single Sign-On (SSO) initiatives in the UK and Australia, enabling employees, citizens, and other government entities to access all of these applications easily and securely has become a demand around the world.

The 2022 Public Sector Identity Index, conducted by Auth0 and Market Connections, captures the perceptions of 850 IT and line of business decision-makers within national and state/local government organizations across the U.S., UK, and ANZ (Australia and New Zealand) with regard to their Identity and Access Management (IAM) strategy.

The report’s key findings include:

  • Only one in five are extremely confident in either the security (17%) or ease of use (19%) of their current authentication solution.

  • Username and password is the most frequently used authentication method by citizens (86%), compared to very little usage of biometric or passwordless authentication (16%).

  • Four in ten are currently building their own IAM solution in-house (41%), and cite speed to implementation (83%) and using internal staff to manage IAM internally (82%) as two of the biggest pain points in doing so.

  • Most governments are looking to expand their digital services in the next two years (75%) and rank protecting citizen’s privacy and data as most important when thinking about citizen services (73%).

Regional analysis shows U.S. respondents rank ensuring citizens’ trust in digital services as an area of high importance (71%), but have less confidence in their organization’s ability to deliver this (56%). Similar discrepancies in importance versus confidence in delivery include speed in adding new services in the UK (66% importance vs. 48% confidence), and improving the user experience in ANZ (72% importance vs. 60% confidence).

Dean Scontras, Vice President of State and Local Government and Education (SLED) at Okta, said: “Digitization is likely to continue in light of Zero Trust mandates and mounting consumer expectations. Public sector organizations greatly benefit from bringing their identity management strategy in line with their digital goals. While there is a strong focus on securing citizen data, the vast majority of applications are still protected by a username and password, despite their well-documented security risks.”

According to Forrester Research, the public sector has a massive influence on the entire economy making up 30% of the global GDP and 33% of the global workforce, and the global research firm predicts that more governments will adopt Zero Trust frameworks to revive public trust in digital services.1

An Identity-First approach puts identity at the center of government digital transformation, while also laying the foundation for a Zero Trust security model. Key to this approach are modern login technologies that replace traditional passwords, and introduce friction only when suspicious behavior is detected. By making the shift to Identity-First, organizations like Larimer County provide easy and seamless access for legitimate users, while decreasing the risk of security and compliance breaches.

Jessica Figueras, a cybercrime and digital identity advisor to governments and Okta consultant, said: “In the face of increasing digitization, skills shortages, and online harms, governments are taking a hard look at the technologies they can bring onboard to help them reach their digital goals. The research suggests that identity is one such technology that can help the public sector do more with less.”

To learn more and download the full report, please visit: 2022 Auth0 Public Sector Identity Index.

Methodology

Auth0 engaged Market Connections to design an online survey of 850 IT and line of business decision-makers within national and state/local governments in the U.S. (200 federal, 200 state & local), UK (100 federal, 100 state & local), and ANZ (Australia and New Zealand) (155 federal/national, 95 state & local), fielded in September-October 2021.

About Auth0

Auth0, a product unit within Okta, takes a modern approach to identity and enables organizations to provide secure access to any application, for any user. The Auth0 Identity Platform is highly customizable, and is as simple as development teams want, and as flexible as they need. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. For more information, visit https://auth0.com.

About Okta

Okta is the leading independent identity provider. The Okta Identity Cloud enables organizations to securely connect the right people to the right technologies at the right time. With more than 7,000 pre-built integrations to applications and infrastructure providers, Okta provides simple and secure access to people and organizations everywhere, giving them the confidence to reach their full potential. More than 14,000 organizations, including JetBlue, Nordstrom, Siemens, Slack, Takeda, Teach for America, and Twilio, trust Okta to help protect the identities of their workforces and customers.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights