“In the agency’s latest effort to protect sensitive information, the Department of Health and Human Services (HHS) partnered with the Defense Information Systems Agency (DISA) to develop biometric and behavior-based access credentials for employees.”
“Teased by HHS CIO Jose Arrieta over the summer, CISO Janet Vogel gave a closer look at the justification behind the program at the Digital Government Institute’s Cybersecurity Conference and Expo: Women Leaders in Cyber on Nov. 14…”
“HHS supports 87,000 employees, Vogel explained, which is difficult to manage from an endpoint security perspective. Every user creates an access point for malicious actors to exploit sensitive HHS information, especially as work becomes intertwined with personal mobile devices. To combat this, HHS teamed up with DISA to develop the Assured Identity pilot program.”
“The program considers biometric and behavior indicators to determine a user’s access credentials. Factors like how a user is holding their phone, facial scans, thumbprints, heart rate, and even the applications that the user interacts with are measured to determine legitimacy…”
“Vogel said that HHS and DISA are still doing research on these methods but lamented that securing the funds for implementation could also pose future challenges…” Read the full article here.
Source: HHS Explains its Biometric Identity Login Partnership With DISA – November 14, 2019. MeriTalk.