Governments are Ahead of the Curve With Zero Trust Deployment

Government institutions are prime cyber targets. In fact, according to a 2021 report from Auth0, more than 10 percent of registration attempts for online government services represent threat actors trying to create fake accounts. Around the world, public policymakers and technology leaders have chosen to strengthen their security posture by adopting Zero Trust architectures. In our recent State of Zero Trust Security survey, Okta looked at the progress that global government technology leaders are taking to implement an identity-first Zero Trust security posture and found two important takeaways:

  • When it comes to implementing Zero Trust security measures, governments are outpacing the private sector
  • By implementing Zero Trust security, governments have built momentum—and their journey starts with identity

Governments are outpacing the private sector when it comes to implementing Zero Trust security measures

While governments around the world are often assumed to be lagging behind the private sector when it comes to adopting innovative technologies, our survey reveals that governments are actually leading the way with the deployment of Zero Trust strategies and technologies. More government organizations than companies confirmed that they have a Zero Trust security initiative in place today (72 vs. 55 percent). Overall, governments deserve credit and recognition for their commitment and progress to being early adopters and technology leaders.


When compared to the private sector respondents, a higher percentage of government organizations experienced a significant increase in budget to support their Zero Trust initiatives over the past 12 months. Nearly 9 out of 10 government respondents saw an increase (87 percent). In the U.S., President Biden’s 2021 executive orders on improving the nation’s cybersecurity and transforming federal customer experience continue to fuel Zero Trust initiatives across the public sector and make it the benchmark for security.

Governments have built momentum by implementing Zero Trust security, and their journey starts with identity

The central tenet of the Zero Trust security model is to “never trust, always verify,” and while there may be a range of methods to do that, none is as reliable as identity and access management. According to our study, nearly all government respondents worldwide said that identity is an important or business-critical part of their overall Zero Trust strategy (99 percent). Nearly one out of five respondents deemed it business-critical (19 percent).

image 2

By integrating elements of identity through their security practices – such as implementing the principle of least privilege or user and machine verification or enabling second-factor login technologies such as one-time password (OTP) or biometrics – government agencies continue to make noteworthy progress towards achieving a complete Zero Trust architecture that enhances security and user experience. Two-thirds of government respondents said that they have already implemented multi-factor authentication (MFA) for their employees (66 percent), and nearly half have done so for external users (45 percent). See the complete survey findings here.

Governments are clearly taking action to prioritize Zero Trust security. They also understand that identity is the foundation for strengthening the cybersecurity of their services and applications while ensuring a smooth user experience for their workforce and residents. Their leadership is setting the pace for better security practices not just across government but also in the private sector. Okta now secures the identities of over 24 million users across various levels of the U.S. federal government, and we are proud to partner with governments and organizations around the world to achieve the benefits of embracing a Zero Trust approach.