An interesting report, “Securing Cyberspace for the 44th Presidency” by the Center for Strategic and International Studies, focusing primarily on numerous process improvements within the executive branch. Process is important, of course, but I have never been convinced process is a substitute for the content of human hearts.
According to the report, the government should make “strong authentication of identity, based on robust in-person proofing and through verification of devices, a mandatory requirement for critical cyber infrastructures,” but consumers should be protected from businesses and other services who might require strong government-issued or commercially issued credentials for all online activities (this could be done by requiring businesses to adopt a risk-based approach to credentialing).
Well, goodness. I guess some might consider the renewal of an auto registration or the remittance of a traffic fine more deserving of superior credentials than a mortgage or student loan application. The former contains little personal information; the latter a lot. But I guess the report’s authors think that any government function is important and private interactions are not.
This may sound shocking, but I suspect businesses — through trial and error — may be capable of discovering the optimum balance between security and convenience for most consuners.