This post is excerpted from GovLoop’s recent guide, Preparing for the Era of Digital Transformation.
An Interview with Ted Girard, Vice President of Public Sector, Okta
For most agencies, it’s no longer a question of if IT modernization is necessary. Rising citizen demands, end-of-life legacy systems and a dwindling workforce require new technologies to meet new needs. But acquiring, deploying and securing modern systems is far from easy for government organizations.
In a recent interview with Ted Girard, Vice President of Public Sector at leading identity management provider, Okta, we examined the challenges, as well as identity-focused security solutions, to public sector modernization. Girard pinpointed two main obstacles to most agencies’ digital transformation efforts: budget and security.
According to ITDashboard.gov, approximately 69 percent of the current federal IT budget is being spent on O&M, with only 23 percent spent on development, modernization and enhancements. “Unfortunately, the return on modernization projects isn’t immediate and only accrues when the new project is released into production and the old system is retired,” Girard said. “With only 15 percent of IT budget available, agencies are struggling to just get started with modernization.”
When agencies do acquire funds to adopt modern technologies, they often run into another problem. New technology trends — cloud, mobile and the internet of things (IoT) — don’t integrate well with their traditional security protocols.
“Because these trends are delivered outside the perimeter of the traditional data center, they introduce an entirely new set of security concerns,” Girard explained. “How do agencies determine who has access to what? How do agencies protect their people’s identities and data? What can be done to mitigate the risk in order to take advantage of modern services? These questions have to be answered prior to embarking on any modernization initiative.”
While these budget and security issues often prevent agencies from adopting new technologies, Girard argued that these challenges can actually provide opportunities to rethink the way government provides modern services. Instead of focusing on the challenges to technology adoption, he suggests, consider how new tools can help overcome agency constraints to actually better serve your people — whether they are internal users, like employees or contractors, or external users, i.e. consituents and consumers.
“The goal of any project should be to deliver a highly-reliable, consumer-grade user experience without compromising on security,” Girard said. “By focusing on the user, agencies can deliver a seamless experience while simultaneously controlling what the user is allowed or not allowed to access.”
A user-focused modernization project not only ensures that new technologies meet stakeholder needs; it also illuminates a new tactic for increasing security. By using the identity of individual users – whether employees, citizens or other agencies – organizations can adopt new technologies that transcend the traditional perimeters of data centers.
“Identity is the nexus point between people and technology,” Girard said. “It’s the lynchpin for allowing organizations to take advantage of the benefits of modern cloud, mobile and IoT technologies — and whatever comes next.”
“With the perimeter of the data center perforated by these new technologies, there is a need for a consistent and centralized control point,” Girard continued. “Identity is that control point. Agencies need to think about moving identity management from a back office IT tool to the forefront as the strategic foundational layer for enabling modernization. This will ensure the right people have the right access to the right information at the right time.”
Identity management providers, like Okta, can help agencies put identity at the center of security and modernization strategies. Rather than focusing on placing firewalls around new tools or patching outdated systems, agencies can create a universal view of each user’s actions and access privileges within their IT infrastructures. Even when that user accesses technologies outside the traditional data center, IT administrators can monitor their access and ensure security is maintained. That allows agencies to adopt better, more modern tools without introducing new vulnerabilities to the organization.
At the same time, this identity-focused approach addresses the budgetary concerns associated with modernization plans. Okta’s FedRAMP certified cloud-based identity management is provided as-a-service, meaning that there are no hardware costs associated with configuration or deployment. Plus, Okta provides services that are user-friendly, requiring minimal training and maintenance.
That lets agencies focus on adopting the technologies they need, rather than security or costs. “Our vision is to enable any organization to use any technology,” Girard said.
With identity management as-a-service, agencies can overcome the security and budgetary constraints associated with modernization. Instead, they can focus on adopting the best new technologies to meet user needs while remaining confident that access and identity controls are robust.