State and local government agencies continually seek more cost-effective solutions to protect their sensitive data and improve the user experience of the residents they serve. One essential component in that equation is the increasing need for centrally managed Customer Identity and Access Management (CIAM) tools, says Okta’s first Public Sector Chief Technology Officer, Christine Halvorsen, a former FBI executive.
“When we look at the digital world [for state and local agencies], everything’s been redefined around resident engagement,” Halvorsen says in a new podcast interview for StateScoop. “They want that secure, seamless, and personalized experience. If you can deliver better resident services online that are more seamless, integrated, and personalized, the citizens who need to use the phone can get through a lot quicker and get the services they need quicker.”
“Providing a seamless and secure experience will help build trust in the government services,” adds Pam Van Meter, principal solutions engineer at Okta. “The end goal is to centralize everything as much as possible.”
Halvorsen and Van Meter outline several reasons why:
“Identity is that control plane that not only is the policy evaluation engine in the Zero Trust architecture but, more often than not, is also the policy enforcement point,” says Halvorsen. “And that requires an Identity object trying to access data to be authenticated.”
From a security standpoint, she adds, “95% of the attacks right now are through supply chain attacks,” making it crucial to use a tool like Okta’s platform that allows agencies to “identify those [attacks] very quickly.” (Crowdstrike, 2024).
From the customer’s viewpoint, modern CIAM tools also ease the user experience. Okta’s research has found that “approximately 71% of (public sector) customers — and that includes residents — will not log in if there’s too much friction on applications,” (Okta, 2020) she notes.
Modern CIAM tools also help reduce development costs. “Developers spend on average 17.3 hours a week debugging and maintaining legacy bad code, which contains security threats in it,” Halvorsen says. “[They’re also] building custom solutions on top of that legacy Identity, which adds between six to 12 months to project roadmaps again.” (Stripe, 2018).
“When I talk to states and local agencies,” Van Meter adds, “I hear some common themes: They all have stovepipe services and a lot of legacy technical debt. [Those come with] high maintenance costs and higher security risks because they’re not always patched or updated or maintained to a level consistent with what we expect in today’s standards.”
Okta is helping agencies protect their systems and citizen data more effectively with Okta’s Identity Cloud — “an independent and neutral platform that securely connects to over 7,600 applications out of the box. It also meets 90% of the Criminal Justice Information Services (CJIS) Security Policy Identity requirements designed to support state, local, and law enforcement systems,” (Okta internal, 2024; [https://le.fbi.gov/cjis-division/cjis-security-policy-resource-center], 2024) according to Halvorsen.
Listen to the entire podcast conversation on StateScoop. Learn more about how Okta secures and modernizes Identity for public sector agencies.
