A new playbook developed by the General Services Administration (GSA) provides guidance for government information technology departments to monitor automated tools that perform business processes similar to a human worker.
The Digital Worker Identity Playbook outlines a process for determining potential security risks from software-based platforms and agents, Daria Medved, deputy director of emerging technologies at GSA, wrote in a joint blog post with information technology specialist Ken Myers.
The guidance document also outlines risk-based identity governance requirements and accountability metrics for automated systems. Medved and Myers noted the interaction between digital worker technology and sensitive data in high-risk work may affect missions.
They said agency IT teams can manage security practices, audits and incident response approaches through the enforcement of least privilege and user access recertification for digital agents.