How far have we come?
How far have we come?

Identity management has evolved rapidly over the past decade, and persistent demand for identity assurance means that more change is inevitable. How programs will look depends on how key stakeholders take action.

Today's methods of identity control are superior to those implemented earlier this millennium, when security efforts were typically developed locally and had no enterprise-wide standards. Even across and within branches of the country's military, installations maintained unique processes. Often no vetting standards existed, and those that did were subject to change with new leadership. Vendors and service providers typically needed multiple credentials to gain entry, and even then they experienced long waits at highly congested inspection points. 

Fast forward, and identity management is nearly unrecognizable today. Comprehensive, standardized vetting standards are implemented across an enterprise and privileges at multiple locations are authorized through one service. Authorized personnel are automatically and regularly re-evaluated to catch new developments. Vendors assume the expense of obtaining clearance; although security is a cost of doing business, costs are recouped through increased productivity and efficiency thanks to time savings.  

By adopting a streamlined process for vetting individuals, sensitive government and commercial enterprises help eliminate uncertainty about who is on site and reduce security risks. To continuously improve security, however, work remains. 

Identity management companies rely on fragmented information sources, with thousands of law enforcement agencies reporting activity through various systems. Congress must work to align the country's many databases detailing criminal activity and information. Government agencies and military branches need better coordination in sharing no-entry lists, ensuring that a security risk to one entity is recognized elsewhere. Screening must evolve to consider unexplored background that could disqualify an individual, including mental health. Finally, leveraging the private sector's technological advancements will be critical to adding the highest level of security possible while closing vulnerability gaps.