The Office of Management and Budget issued draft guidance ordering agencies to improve identity management security practices by designating teams of officials from their offices of the chief information officer and chief security officer to tackle the issue.
Those teams will be responsible for overseeing agency Identity, Credential, and Access Management (ICAM) policies — measures to prevent unauthorized access to sensitive information.
The OMB memo also includes policy updates on encryption, multi-factor authentication, and digital signatures, also asks agencies to diversify their risk by using multiple credential providers to offer “resiliency in case of a compromise or other service failure with a credential provider.”
