Protection against IRS and OPM-type hacks available to government agencies but not always used
Teaneck, NJ, July 14 – Multi-factor authentication – a security protection required by US government standards – could have prevented the recent Internal Revenue Service (IRS) and Office of Personnel Management (OPM) security breaches that have exposed the personal information of millions of citizens to hackers, spies and cyber-criminals. The Federal government has been encouraging its agencies to use multi-factor authentication since November 2009, when it published the FICAM (Federal Identity and Access Management) Roadmap and Implementation Guidance. To date not one of the agencies adopting it has experienced an authentication-based breach.
Multi-factor authentication provides tighter control of cyber-identities by requiring more robust verification of the identity of each participant. Once established, the single identity credential can be trusted across similar systems that have taken the steps to operate with each other. The single identity eliminates the need for establishing and managing multiple cyber identities.
"By aggressively implementing the FICAM guidelines, Federal agencies can protect the millions of identities within their respective systems from being hacked," says Peter Alterman, PhD, COO, SAFE-BioPharma Association, the non-profit, private sector group responsible for the global identity and access management standard serving the biopharmaceutical industry. Before joining SAFE-BioPharma, Dr. Alterman was a senior advisor in cyber identities to the National Institutes of Health. During his 33-year career in the US government, he also headed FICAM.
SAFE-BioPharma is one of four trust frameworks certified by the federal government. Systems compliant with SAFE-BioPharma automatically trust cyber identities across all related systems, including those in U.S. government agencies.