Get Email UpdatesSign up below to receive free Trusted Identities Group blog updates.
- Mic Drop — Announcing the New Special Publication 800-63 Suite!
- REGISTER NOW – Privacy Risk Assessment: Prerequisite for Privacy Risk Management Workshop
- A minor plot twist: Comment period extended for PART of SP 800-63-3
- Closing time! You don’t have to go home … but you can still comment on draft SP 800-63-3
- Build Trust and Verify: New funding opportunity to assess our state pilots!
Tag Archives: Mike Garcia
Let’s get this out of the way right up front: this is not an early April Fools Day prank!
Granted, government blogs aren’t the typical medium for getting emotional. But we (Paul and Mike), and the rest of our incredible team at NIST, have truly been moved by the support, encouragement, and engagement you’ve provided as we embarked simultaneously on this major update to the document and – perhaps even bigger – updating our community engagement process to achieve a better result on this document. Continue reading
Last year we issued five grants so state and local jurisdictions could use digital identity technologies to improve delivery of services.
Now, we want to evaluate how well those pilots have done: we’re issuing a new funding opportunity to quantify the benefits these solutions bring to the organization and end users, share lessons learned, and shed light on how successfully similar solutions can be adopted elsewhere, in public sector programs and services at all levels of government. With so many individuals depending on state and local government services for day-to-day activities, these entities can play a critical role in advancing digital identity for large populations. The findings, discoveries, and lessons learned from this funding opportunity will help pave the way for NIST to better inform and improve upon broader cybersecurity efforts in the future. Continue reading
When you think about 2016, the first thing that comes to mind is innovation in the identity ecosystem. That can’t just be us, right? While there has been a host of high-profile bad things that happened in digital identity this year, we try to keep our eyes on the prize. And there’s been a lot of progress toward the long-term goal. Continue reading
As the sun was setting on the thirtieth modern Olympiad in London, NIST was preparing to announce our very first set of NSTIC pilot projects. As the flame goes out in Rio, we’re setting new records. In our largest pilot announcement to date, today NIST is proud to add six new projects to our ranks and bring the total number of projects to 24. Continue reading
Last week in New Orleans, the Identity Ecosystem Steering Group (IDESG) launched the Identity Ecosystem Framework (IDEF) Registry and publicly listed the first four organizations to self-attest. At the 17th IDESG plenary meeting, these organizations presented their experiences – emphasizing the business benefit of publicly showcasing their dedication to trusted digital identity solutions. They also shared the ease of self-attestation, thanks to the IDESG’s concierge that assists Registry applicants. Continue reading
It’s a little hard to believe, but today marks the 5th anniversary of the NSTIC, the strategy for achieving trusted digital identities in a private sector-led identity ecosystem. Let’s take a glimpse back in time to where we were five years ago:
It’s 2011. Most (79%) American adults use the Internet. The average user needs 10 different passwords for their daily online activity, according to a UK study, and 3 out of 4 Americans don’t use sufficiently strong passwords for their most sensitive accounts. It’s also a year of unprecedented data breaches. In fact, “2011 boasts the second-highest data loss since [Verizon] started keeping track in 2004,” with 855 incidents and 174 million compromised records. Some companies are getting more aggressive in pursuing better security; 2011 is the year Google released two-factor authentication (2FA). While companies are beginning to adopt more secure solutions, they’re still uncommon, even in services with the most sensitive data: in 2011, only 35% of non-Federal short-term care hospitals have the capability for 2FA. Continue reading
Recently NIST joined the FIDO Alliance under its newly-created government membership class. The FIDO Alliance was formed in July of 2012 and aims to bring easy-to-use, privacy-enhancing authentication devices to the consumer mass market. FIDO-based credentials are designed to provide an … Continue reading