The Interior Department is on pace to use two-factor authentication within the next year, the agency’s chief information officer said.
In the past, the department has fallen short of federal requirements to use a two-factor system, CIO Sylvia Burns said. But that could soon change.
“Interior continuously did not meet the mark. But I think that over the next year, we will,” Burns told FedScoop at Interior’s headquarters in downtown Washington, D.C., Monday.
Single-factor authentication refers to a system that only requires users to enter in a username and password. Two-factor authentication requires something extra, like a personal identity verification card, or finger or voice print recognition. Interior will be using a smart card, she said.
Burns credited Interior staffers for their efforts on the project.
“I think a lot of it has to do with communication and getting into the brass tacks of people having plans and doing good project management where you’re tracking the measures and seeing that everybody is hitting the mark,” she said.
Her comments come less than a month after the Office of Management and Budget released its annual Federal Information Security Management Act, or FISMA, report to Congress. In the report, cybersecurity experts found “that the majority of Federal cybersecurity incidents are related to or could potentially have been mitigated by Strong Authentication [i.e., multifactor authentication] implementation.”
It included Interior on its list of 18 agencies that don’t require the majority of privileged network users log on with more than a user ID and password.