Public sector vs identity access management: Auth0 global reports
Global enterprise digital identity platform provider Auth0 turns its attention to the public sector in a series of regional reports and the overall “2022 Public Sector Identity Index Report – Global Report”.
This “global report” is a quantitative online survey of 850 IT and business decision makers at the national and local levels in four countries: the U.S., UK, Australia and New Zealand. It sought to establish how identity authentication is being used now in and by the public sector, its problems and any plans to change the systems or processes. Around a fifth of respondents identified themselves as the ‘resident expert’ on identity and access management (IAM), and half knew ‘quite a lot.’
Generally, respondents in Australia and New Zealand (ANZ) are more concerned about users’ privacy, data, sense of trust. UK respondents are less concerned than their U.S. counterparts. A similar pattern emerges when it comes to confidence in delivering privacy and data protection (and for ensuring the trust of the public in digital services, only 53 percent of UK respondents were highly confident compared to 62 percent in ANZ).
With a few exceptions, such as who provides IAM solutions – ANZ stand out with 56 percent creating their own in-house compared to 39 percent in the U.S. and 29 percent in the UK, while 39 percent of UK respondents use a third-party IAM provider compared to 14 percent in the U.S. and 9 percent in ANZ – the IT staff have similar views and experiences across their countries.
Because their citizens have similar views and experiences.
Overall, 86 percent use username and password to access the government services provided by these IT professionals. ANZ respondents take the lead with the number reporting citizens using government-issued credential at 57 percent and for biometric or passwordless, the U.S. respondents cite 19 percent. (Interestingly in the dedicated UK report, respondents said that 24 percent of local service users used biometric or passwordless authentication for service access compared to just 11 percent at the national level. Local respondents were also significantly more confident in the security of their access systems than their national counterparts were.
Only 12 percent of respondents said all their services were available digitally, while 75 percent said they have some available now and plan to expand in the next two years.
Auth0 wanted to push respondents’ ‘pain points’ on the problems around building IAM in-house, although they reveal the obvious points of speed, cost and complexity. Likewise with asking whether having one credential across all services is ‘important.’ Globally, 66 percent of IT professionals think it is either very or extremely important. But without knowing whether this is to reduce the load in password renewal requests or taking a stance on a single source of truth on citizens, the figures are hard to digest.