User Identity Management für Behörden (engl.)
Von Sergio Ortega Cruz am 10. Dezember 2010
Unter Microsoft in Government
Last year, when the Internal Revenue Service began enabling taxpayers to download their tax transcripts, 17 million people took advantage of the service, reducing phone, email, and in-person requests by 40 percent. The new IRS service is a great example of the kinds of government initiatives that can improve citizen services while reducing costs. Yet such services are only possible with a secure and affordable identity management system.
Just a decade ago, identity management was relatively simple. Governments managed their own servers on-premises, supplying employees with a user name and password to access desktop computers. However, in the current mobile-first, cloud-first world, managing user identities has become increasingly complex. Today, identity management often involves monitoring access to a combination of on-premises and cloud-based applications and services. It frequently requires managing the identity of a proliferating number of devices that users bring to work. And, increasingly, it entails overseeing a broad network of citizens and other external users—such as the citizen logon accounts required for the IRS tax transcript service.
The importance of user identity only continues to grow as governments seek to control not just the complex mix of users and devices, but also an exploding number of sensors used to monitor government operations.
Through all of these changes, Microsoft continues to set the standard for identity management. Windows Server Active Directory is currently used by 95 percent of Fortune 1000 companies on-premises, while 1.4 million businesses, government agencies, schools, and nonprofits in nearly 130 countries use Azure Active Directory to authenticate users in the cloud, on-premises, or both. And to ensure that our customers have the most advanced identity management tools, we’re continuing to innovate at a rapid pace.
So what are some of the identity management features we provide? Here are six capabilities that are helping governments secure access to their information:
- Hybrid identity: Hybrid identity provides an in-depth way for governments to manage user access to applications and other resources from a variety of devices across their datacenter and the cloud. User identity can be managed in a unified way regardless of whether applications are stored on-premises or in the cloud. Moreover, managers can easily set up accounts for new employees and quickly remove them when an employee leaves the agency.
- Self-service and single sign-on: Microsoft makes it possible for employees to change and reset their own passwords. They can also create a single sign-on for accessing all of their applications and resources using the same credentials.
- Multi-factor authentication: Microsoft provides the ability to incorporate multiple layers of protection through multi-factor authentication, which requires users to identify themselves in more than one way—for instance, by what they know, such as a user password, and by what they have, such as swiping a smartcard.
- Biometric authentication: Microsoft also makes it possible for users to identify themselves by what they are, through fingerprinting, facial recognition, and retina and iris patterns. With Windows Hello, for example, Windows 10 users can gain access to their devices by showing their face or touching their finger. Using authentication based on a person’s unique biological characteristics, governments have a simple and safe way to protect the security of their information.
- Security reporting and monitoring: Finally, Microsoft offers advanced monitoring and reporting to help governments monitor suspicious logon activity, obtain alerts, and mitigate potential security issues. And with Active Directory Assessment Intelligence Pack, governments can use logic, machine learning, and organizational data to assess the risks and health of their Active Directory environments, while obtaining suggestions for remediating any issues that are found.
Until recently, identity management was one of the biggest barriers to government online services. With the advanced tools offered by Microsoft, those barriers are a thing of the past. Governments can take advantage of today’s secure and affordable identity management tools to offer more citizen services while keeping their information protected.
To learn more, please see Microsoft’s Identity + Access webpage.