New York state issues access management guidelines

The New York State CIO Council has issued a best practice guideline for managing online access to state and municipal transactions and applications. Called The NYS Trust Model, it governs the use, management, and protection of the identity credentials of state and local officials, as well as citizens on the networks. According to a news release issued by the state, the best practice guideline “will serve as the foundation for future identity and access management policies.”

This is an important step forward in New York state and is a trend to watch. Security is an overriding concern on any network and one that becomes problematic in municipalities and state agencies that open their networks to business partners, citizens, and visitors. As the release notes:Trust in the security of information exchanged over the Internet and other networks is vital, said OFT. Government must address the issues of user authentication, confidentiality, and integrity of data transferred, and the ability to hold transacting parties accountable when necessary. Thus, solutions that provide this type of protection are critical components of an organization’s information security program. Trusting the identity of users is an important part of such a solution.