How One Local Agency Transformed Citizen Experiences and Cybersecurity During the Pandemic

For all the talk about the various technologies involved in digital transformation, people are really what’s driving organizations to push themselves in new directions. That’s why, at Okta, you’ll continuously hear us utter the phrase “your people are your future.” It’s not just a catchy slogan; we really believe that people—customers, employees, and citizens—are powering technological change.

The effort that Washington D.C.’s Department of Consumer and Regulatory Affairs (DCRA) put forward to deliver an exceptional and secure experience for D.C.-area residents is an excellent case in point. The DCRA protects the economic interests and health of these residents by ensuring that all the city’s businesses are code compliant and operating within established guidelines. That’s not easy, especially in a city of nearly 700,000 people. The DCRA’s website fields hundreds of requests per day from residents and businesses requesting everything from permits to licenses to housing inspections.

To make things more challenging, the DCRA traditionally used different applications for different services. So, a small business owner applying for a permit and a license would need to use separate applications and enter their information multiple times. Furthermore, DCRA administrators had to sort through the requests and match them with the appropriate person, a task made tougher thanks to nuances in people’s names and the use of different usernames.

Okta showed the DCRA a new—and better—way.

From multiple sign ons to single sign on

When the DCRA came to us for a more streamlined solution to their multiple sign-on challenge, it became immediately apparent that we were looking at a problem on two fronts. First, citizens needed a frictionless way to interact with the agency, especially during the pandemic, when in-person services were suspended. Second, DCRA employees needed a more efficient way to keep up with the growing number of requests. Key to that was eliminating the need to match up different requests to a single user.

We introduced the DCRA to Okta’s Single Sign-on (SSO) solution, which allowed the organization to significantly reduce the amount of login credentials citizens needed to make requests through the DCRA portal. Users can now create a single username and password and use that information to access and use the site’s various services.

The net result was two-fold. SSO  makes it much easier and more expeditious for citizens to use the DCRA’s services. Meanwhile, DCRA administrators no longer worry about matching up different requests to a single user. That saves an enormous amount of time and frustration and frees administrators up to proactively respond to and service requests in a timelier manner.

Upgrading cybersecurity with unique personas and multi-factor authentication

The DCRA was also well aware that cyberattacks against state and local governments had been on the rise since long before COVID-19. Not wanting to leave anything to chance, the agency also decided to upgrade its security posture so it could better manage and monitor user access.

When we first spoke to the DCRA about this, we talked about some of their primary security goals. We discovered they wanted to a) make sure the people accessing their system were who they said they were; b) keep track of the services they’re using; c) do all of this as easily as possible. We presented the DCRA with an Identity Access Management (IAM) solution to meet each of these needs.

The DCRA now utilizes unique indicators for each user, essentially signaling that the users are who they say they are. These indicators can change over time based on a user’s perceived risk levels or suspicious behavior patterns. For example, if the system catches a user trying to access multiple applications in a single session—an unusual pattern for that user—the system can automatically limit or revoke access rights. This is backed up by multi-factor authentication, which offers yet another layer of security.

The IAM solution also allows system administrators to track who’s using what applications and control access to those applications. All of this is easily managed through a centralized dashboard.

Responding to citizen’s needs while providing a great user experience

The timing for these implementations couldn’t have been better for the DCRA. Like all agencies, the DCRA had a lot on its plate in 2020 and had to get very creative in how it approached everything from building inspections to a spike in virtual requests. By modernizing its sign-on and security processes, the agency was able to successfully respond to citizens’ needs during the pandemic and provide them with a great user experience.

The two solutions Okta provided now form the foundation of Access DC, the DCRA’s revamped online platform. Since its implementation, Access DC has welcomed tens of thousands of new users—and hundreds of thousands of new sign-ons through Okta. Access DC has won rave reviews from its citizens and users agreed that their experience with the DCRA was highly satisfactory.

The DCRA digital transformation journey is a great example of how an organization’s technological initiatives are driven by the people they serve. Now, the DCRA is positioned to build off of this accomplishment and continue to refine and augment its services as needed.

To learn more about how Okta’s solutions can help you build a more secure and efficient digital experience, drop us a line. You can also read more about Okta’s work with DCRA in this customer journey and this article in Route Fifty.