SIMPLE, SECURE ACCESS TO FEDERAL DATA AND SERVICES

In accordance with Executive Order 13681 the Federal Government has developed a plan to accelerate progress towards delivering more secure citizen-facing government digital services.  This plan builds upon guidance set forth in the National Strategy for Trusted Identities in Cyberspace and outlines specific principles, actions, and a roadmap to drive the implementation of effective identity proofing and multi-factor authentication for consumer-facing and public use websites operated by the Federal Government. 

There has been a long history of research and development, and an accumulation of expertise within the Federal government regarding digital identity, but challenges to better secure access to applications that handle sensitive data remain.  There are also opportunities to improve ease of use for consumers and provide better implementation guidance, tools, and services for Federal departments and agencies.

In response to these challenges, the plan outlines a program to accelerate simple, secure, user-friendly access to public-facing Federal consumer services and information, while protecting consumer privacy.  The program will lead implementation of technology, policy, and marketplace engagement for consumer-to-government transactions by providing common identity services for departments and agencies that support best-of-breed identity proofing and multi-factor authentication solutions.  In addition, the program will provide design patterns, implementation guides, and tools for incorporating public and private sector identity-proofing offerings and multi-factor authentication systems, and drive the collection of data on Federal identity and authentication systems with appropriate controls for user privacy, to support the implementation plan.

Supported and informed by expertise and lessons learned from previous implementations and pilot programs, the Program will leverage existing tools, technologies, processes, and public and private-sector partnerships to achieve the following three objectives in support of the mission:

• Deploy common identity services to support effective identity proofing and multi-factor authentication, and accelerate adoption for the highest-priority use cases;
• Deliver simple, effective implementation guidance and operational capacity to scale adoption;
• Define meaningful metrics and establish practical processes to inform data-driven progress towards simple, secure access to digital services and information.

Safeguarding data in the possession of the U.S. Government, preventing its theft and ensuring privacy is fundamental to preserving the trust of the American public, and the plan is an important step forward.