by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : March 2015
GCN MARCH 2015 • GCN.COM 23 F or most of the history of the In- ternet, security has meant stop- ping attackers from breaching the walls surrounding networks and computer systems. While that’s still important, identity systems – and the electronic formats for managing them – have become the top priority for organi- zations looking to safeguard the govern- ment data attackers now target. Homeland Security Presidential Direc- tive-12, put into action in 2005, is the ba- sic policy underlying the use of security credentials in the federal government. The Obama administration took that a step further in April 2011, with the re- lease of the National Strategy for Trusted Identities in Cyberspace (NSTIC), which set a focus on public/private collabora- tion to “raise the level of trust” associ- ated with online identities. Following a rash of high-profile data breaches in the both the public and pri- vate sector in 2014, the Obama admin- istration has raised the pressure even more. In October it issued an executive order aimed at cutting down on identi- ty-related crimes and directed various agencies by the beginning of this year to start issuing credentials with stronger security. The government “must further strengthen the security of consumer data and encourage the adoption of enhanced safeguards nationwide in a manner that protects privacy and con- fidentiality while maintaining an effi- cient and innovative financial system,” Obama said. Even before the release of the order, the market had been responding to this need by providing multi-factor authen- tication that has stopped many common types of attacks, according to Jeremy Grant, the senior executive for identity management at the National Institute of Standards and Technology. Grant also heads the NSTIC National Program Of- fice. “Through more than a dozen NSTIC pilots, the private sector has demonstrat- ed material progress in advancing more secure, privacy-enhancing, easy-to-use identity solutions,” he said in a recent blog post. “It’s time for the government to make sure our own services are em- bracing the best the market now has to offer.” Government agencies at least now un- derstand the need to become more data- centric in how they look at security, said Jerry Irvine, chief information officer at Prescient Solutions and a member of the National Cyber Security Task Force. The use of data-supported security has become more urgent even though tradi- tional forms of perimeter-based secu- rity such as firewalls, intrusion detection systems and virus detection continue to be the most common solutions currently used, according to Ir vine. What’s more, mobile phone prolif- eration has exposed agencies to a steady shifting of vulnerability across their net- works. “Firewalls look like so much swiss cheese these days because there are so many open ports and types of applica- tions that people are allowed to access from their mobile phones and other de- vices and through the Internet,” said Ir- vine. “Now it’s become a matter of seeing how you can better secure data with ... protocol protection, access control rights and data loss prevention applications,” he said. And managing the identities and security credentials needed for that is no small project. For one thing, each agency has its own needs when it comes to security and the level of information assurance it can ap- ply to its data. 0315gcn_022-025.indd 23 3/5/15 12:43 PM