US health agency ponders digital identity as a service to manage crises
Of the many U.S. agencies that should be encouraged in every way possible to make remote work easier and more secure, surely the National Institutes of Health should be a top candidate.
One of the lessons of the pandemic has been that people working on identifying and managing a global health catastrophe should face as few challenges doing so as possible. Little surprise, then, that the NIH is looking for technology information from qualified vendors of identity, credential and access management systems.
The NIH’s Center for Information Technology has issued a request for information (summary here), due March 7, about the possibility of deploying identity security and management as a service. The center is a part of the NIH’s National Library of Medicine.
The full notice is here.
Officials are considering outsourcing web authentication, directory services and secure access service edge, or SASE, services.
They learned that during an unprecedented crisis their model was insufficient.
Application onboarding was “arduous and time-consuming,” according to the NIH’s request. And “overly customized web-agents” in legacy apps eat up too much staff time and resources to be useful when things have gone sideways.
Operations are opaque in real-time situations when it comes to key metrics including user activity and digital ID and access management metrics. Last, the NIH wants better and more reliable insights into system problems that make staff less productive.
An article by trade publication FedScoop reports that officials would like any result of this effort to help create a zero-trust environment for the agency.