The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) just published the latest edition of the NIST Cybersecurity Practice Guide SP 1800-13, Mobile Application Single Sign-On: Improving Authentication for Public Safety First Responders.
Public safety and first responder (PSFR) staff need on-demand access to public safety information to be able to give appropriate assistance and emergency care. So as to access the required information, PSFR personnel is very much dependent on mobile systems. By means of these platforms, PSFR staff could access the personal data and protected health information (PHI) of patients and sensitive law enforcement data; nevertheless, to protect sensitive data and to avoid unauthorized access, it is necessary to have strong authentication systems.
Those authentication systems are necessary to keep information protected and to secure privacy, however, they have the potential to prohibit PSFR staff and get in the way of them giving emergency assistance. Although authentication could only take mere seconds, any holdup in delivering emergency services could have serious implications and could risk life and death.
The Cybersecurity Practice Guide was created in cooperation with NIST’S Public Safety Communications Research laboratory and industry stakeholders and is designed to help take care of authentication problems to make sure sensitive information stays private and safe and PSFR employees can quickly obtain access to the information they require through mobile devices and linked software.
The guide consists of a comprehensive example solution with abilities to deal with risk with proper security settings, together with a demonstration of the strategy utilizing commercially accessible products. Guidance is additionally provided for implementers and security engineers to allow them to incorporate the solution into their company’s enterprise and set it up in a way to accomplish security objectives with a nominal effect on operational effectiveness and cost.
This practice guide details a reference design for multifactor authentication and mobile individual sign-on for native and internet apps while enhancing interoperability between mobile systems, software, and identity providers, irrespective of the application development platform utilized in their construction,” mentioned NCCoE.
The NIST Cybersecurity Practice Guide is available on this page.