Identity conflict: How government can address its biggest workforce identity issue

With government employees using multiple credentials across different agencies and locations, including home networks, identity access management (IAM) leaders face increased pressure to streamline both physical and digital workplace access without compromising security. So, what’s the solution, particularly when there are so many existing systems and processes already in place?

The problem with having multiple workforce identities

Historically, logistical, technological and cultural barriers have forced governments to create and manage employee credentials in silos, separating physical and digital access, identity establishment and authentication, as well as inter-departmental and cross-agency access. This fragmented approach has compounded administrative challenges associated with credential management.

One of the biggest issues government personnel continue to bring to us is the complex problems presented by identity conflict, or employees holding multiple credentials. On a recent business trip to Canberra, we met an individual who holds nine access cards unique to the building he works in. That’s for physical access alone. As it stands for most government agencies, one credential may be used to access the front door of their workplace, another to get into their department’s digital assets, while another still to log into their work account. Add to this the fact employees often work across multiple government departments and systems, and you have a complex identity management issue.

To move to remote work is further compounding government IAM challenges

Thankfully more robust identity establishment and management is now commonly recognised as a key factor in minimising the threat of malicious actors infiltrating critical systems. That said, solid solutions are yet to be put in place. Add to this the challenges associated with granting employees access to internal services from outside the organisational perimeter (hello COVID-19), and the demand for a more streamlined solution is becoming increasingly critical. With the majority of their teams now working remotely, leadership are facing a worrying question about the integrity of their identity management: “How do I know that the person accessing our network at the start of the session is the same person the entire time?”

It’s a critical question. What does happen when an individual accesses restricted documents from an offsite device? Do you have any accurate way of knowing whether or not someone else is illegally observing that critical data? It’s a problem not easily solved, particularly across government, which has historically found rapid shifts to new technologies and processes challenging.

Is biometrics the answer?

If traditional authentication methods (physical swipe cards, passwords and PINs) are commonly accepted to be fundamentally flawed, what’s a viable alternative? Enter biometrics. Unlike these traditional methods, eyes, voices, faces and fingertips are unique to everyone. So you immediately reduce identity risks that even the most sophisticated multi-factor authentication measures can’t.

Biometric authentication is also renowned for enabling a more convenient user experience. Users no longer have to juggle multiple passes just to get from their building’s front door to their workstation, or remember a number of complicated passwords.

However, despite these clear advantages, all too often we see biometric technology deployed in a way that doesn’t solve the root causes of identity conflict, or eliminate core security vulnerabilities. We are still seeing biometric solutions operating in silos.

The true enabler is maintaining a single credential for universal authentication

One way to solve complex issues associated with identity conflict is to use native biometrics, not just as the authentication method for all physical and digital access scenarios, but also as a method to establish a verified identity in the first place. Only then can you be sure the people accessing your organisation are who in fact they say they are.

What Daltrey brings to market is a unique biometric solution that integrates both physical and logical access using a single, trusted biometric credential. That means if a verified government employee walks into a building, a biometric authentication method such as facial recognition can be used to grant them secure access – in the door, through the turnstile, up the elevator and through their device’s login protocol. This same universal credential works in the same way for a home or remote network. Importantly, it can be used across all government agencies, dissolving not just departmental silos but as a government-wide solution.

For governments who need to ensure continuous authentication at all times, a universal biometric credential  provides a higher level of assurance to the agency as well as a more streamlined user experience. This, combined with immutable reporting, means top-tier risk mitigation for leadership. Perhaps most importantly, having just one trusted credential for use across all access scenarios eliminates the risks and administration associated with identity conflict.

Learn more about Daltrey’s solution for government and critical infrastructure