Summer homework: NIST welcomes comments until 7/13 on draft privacy risk management framework

Posted on May 29, 2015 by Naomi Lefkovitz

Earlier today, the privacy engineering team at NIST released its draft NIST Internal Report 8062, Privacy Risk Management for Federal Information Systems, and is seeking comments on that draft. This report introduces a privacy risk management framework (PRMF) for anticipating and addressing privacy risks that result from the processing of personal information in federal information technology systems. In particular, it focuses on three privacy engineering objectives—predictability, manageability, and disassociability—and a privacy risk model.

A Retrospective Look: Eating our own dog food with dogged determination

 

It can be hard to serve as an early adopter of new technology. It usually means having very few (or no) examples to demonstrate what to do…and what not to do. Being the guinea pig is no easy feat, but we at the NSTIC NPO are embracing the challenge since we believe this is vital to facilitating the commercial adoption of identity solutions. After all, the NSTIC was clear that building a healthy identity ecosystem would require government to eat its own dog food.

A Retrospective Look: Smelling the roses in the IDESG

Posted on April 22 2015 by David Temoshok

The Identity Ecosystem Steering Group (IDESG), now in its third year, is a key part of the National Strategy for Trusted Identities in Cyberspace (NSTIC). It serves as a forum to build the core set of rules and standards to promote privacy, security, interoperability, and ease of use for online services.

To the Identity Ecosystem and Beyond: It’s the NSTICiversary!

Today we celebrate the most special of days for the NSTIC National Program Office. Four years ago at the U.S. Chamber of Commerce in Washington, D.C., we released the President’s strategy to enhance the choice, efficiency, security, and privacy of online transactions.

A Retrospective Look: NSTIC pilots catalyzing the Identity Ecosystem

Posted on April 13 2015 by Kat Megas

As the NSTIC pilots develop and implement innovative identity solutions, they are confronting head-on the challenges of attempting to convince the marketplace to adopt them. We are enthusiastic about organizations that are pioneering new identity technologies, but recognize that widespread adoption of these technologies require that they be interoperable. Standards are essential here; without them, consumers and businesses have no way to easily adopt these technologies, or judge how – if at all – to trust them.

A Retrospective Look: Advancing standards for strong identity and authentication in the Identity Ecosystem

As the NSTIC pilots develop and implement innovative identity solutions, they are confronting head-on the challenges of attempting to convince the marketplace to adopt them. We are enthusiastic about organizations that are pioneering new identity technologies, but recognize that widespread adoption of these technologies require that they be interoperable. Standards are essential here; without them, consumers and businesses have no way to easily adopt these technologies, or judge how – if at all – to trust them.

A new look at levels of assurance

Posted on April 1, 2015 by NSTIC

Spring is a great time for change, and here at the NSTIC NPO, we like to think we’re always ready for change. When we catch wind of a change in the world of online identity, we like to prepare early.

As NSTIC Turns 4…

Next month, the National Strategy for Trusted Identities in Cyberspace will celebrate its fourth “NSTICiversary” – marking four years since President Obama called for industry, advocates, agencies, academics, and individuals to collaborate to make online transactions more secure for businesses and consumers alike.

BREAKING NEWS: New Privacy Pilot Federal Funding Opportunity

The NSTIC NPO has just announced a new funding opportunity with a special focus on privacy enhancing technologies. NSTIC is soliciting applications from eligible applicants to pilot privacy-enhancing technologies that embrace and advance the NSTIC vision and contribute to the maturity of the Identity Ecosystem the NSTIC envisions: promote secure, privacy-enhancing, and user-friendly ways to give individuals and organizations convenience in their online interactions.

The IDESG hits a big milestone on the road to creating the Identity Ecosystem Framework

The Identity Ecosystem Steering Group (IDESG) has been hard at work delivering on version 1 of the Identity Ecosystem Framework (IDEF). This week, the steering group hit a major milestone: meeting a March 16th deadline for developing baseline requirements for the IDEF.

BREAKING NEWS: NSTIC NPO Announces 2015 Pilot Project Funding

The NSTIC NPO has just announced a 4th round of pilot program funding in 2015 for fresh and innovative identity solutions! The Strategy calls for the private sector to lead the development of an identity ecosystem where individuals can choose from a variety of credentials to use in lieu of passwords for interactions online. These pilots will ultimately address barriers to the identity ecosystem and seed the marketplace with “NSTIC-aligned” solutions to enhance privacy, security, and convenience in online transactions. We are excited to share this news with innovators of all kinds so they will apply for funding in order to address the toughest challenges in identity management. Pilots should create and demonstrate solutions that can help jumpstart the adoption of trusted strong authentication technologies in lieu of passwords, in alignment with the NSTIC.

A Great Leap Forward: Thoughts on Last Week’s IDESG Plenary in Atlanta

Something was distinctly different last week as more than 120 people gathered, both in person and virtually, for a meeting of the Identity Ecosystem Steering Group (IDESG).

Announcing Marc-Anthony Signorino as the new Executive Director of the IDESG!

We are excited to see the Identity Ecosystem Steering Group (IDESG) kicking off 2015 in a big way. In its third year as an organization, the IDESG is gathering at the 12th plenary (January 28-30 in Atlanta), charging ahead with the creation of an Identity Ecosystem Framework that can help provide a foundation to underpin implementation of the NSTIC.

Identity is the Great Enabler: Putting Patients at the Center of Health IT

Addressing Health IT privacy and security concerns are complicated. Often the focus is to zero in on a specific technical solution and leave the often more important issues – policy, privacy, business rules – for others to solve. But as we’ve seen, too many times these other issues are left unaddressed – and progress is hindered.

Come Hang Out With Us to Talk Identity and Innovation in Health Care

Identity is critical to Health Information Technology (HIT), particularly when it comes to sharing health information online. Patients and health providers aren’t going to share personal information if they can’t solve the “identity conundrum” – how to validate that information is going to the right person.

Everybody Needs Identity.

Whether you are 19 or 91, protecting your identity is extremely important – particularly as identity breaches become more pervasive and affect more people worldwide. A recent study revealed the concerns about identity theft are high, with four out of five adults calling identity theft a concern, and about half calling it a “major” concern.*