Date: On Demand
Duration: 1 hour
Cost: No Fee
Agencies have been talking about the importance of identity and access management for more than 20 years. It started at the Defense Department with the roll out of the common access card and across the civilian agency world with the move to creating a public key infrastructure (PKI) and the federal bridge.
Today, agencies across the federal space are under immense pressure, from cyber attackers and others, to make identity credentialing and access management (ICAM), the center piece of nearly all of their IT modernization and cyber efforts.
From cyber with zero trust to how they serve citizens better, faster and more securely, ensuring they can trust that the person on the other end of that service is who they say they are is the lynchpin to the federal mission.
Agencies are in the last mile—what many would describe as the hardest mile—of the ICAM marathon.
A big part of that final mile is moving beyond the traditional approaches to identity and access management under the personal identity verification (PIV) or common access card (CAC) rubrics.
“We continue to look at prioritizing our capabilities and having an agile approach to ICAM,” said Sam Yousef, the deputy director of the Defense Manpower Data Center for the Department of Defense during the panel discussion Leaders in Innovation: ICAM Modernization Expert Advice to Get Started Right sponsored by Carahsoft. “I think, based on how we’ve set forth with proper governance and policy execution from the start of the smartcard, we’ve eliminated those simple use cases. Now we’re trying to get to much more complex things, how you truly get to real time access based on the attributes you have in promoting those access decisions and a true real-time authoritative manner.”
For DoD, that doesn’t mean getting rid of the CAC, but supplementing it with modern approaches. Yousef said part of the goal is to provide more secure ICAM services to servicemember families and retirees.
The IRS, earlier this summer, launched a new identity management system to focus on outward facing customers, called the Secure Access Digital Identity (SADI).
“Our goal was to improve the user experience, but make it simple, secure and safe as possible. The primary difference between secure access and safety is we’re going to be relying on a credential service provider to manage the user registration and log in,” said Nanette Downing, the director of Identity Assurance at the IRS. “We did go live in June with the first application behind SADI, which was part of the child tax credit, the child tax credit update portal. We’re very pleased with where we are today with this first application because we’ve successfully gone through the process of 5 million taxpayers that have been able to come in prove their identity and get access to the application.”
Through SADI and over the next year, the IRS is replacing an ICAM platform launched in 2014 that currently serves about 30 million users.
David Bottom, the chief information officer for the Securities and Exchange Commission, said their ICAM modernization effort is focused on understanding their data and the need to manage the risk of when employees and the public can access it.
“We’re leveraging cloud services and bringing in various providers into our environment. Really, what that means is that our environments becoming more complex and interdependent as we move forward and modernizing and if we’re on- premise having the capabilities in place to make sure that we are identifying our providers, and have mechanisms to continually assess that those providers and what they’re doing and what they should be doing,” he said. “That’s just key to modernization because identity is the key component of trust. That’s really what we’re trying to do here is as we’re adopting services for our users and for the public, making sure that that we’re that we’re trusting those services.”
Amanda Kupfner, the deputy assistant commissioner for Infrastructure and Operations Information and Security Services at the Bureau of the Fiscal Service for the Treasury Department, said her agency provides more than 70 applications to internal and external customers that require ICAM services. She said the Fiscal Service, like many agencies, must assume their systems and data area always under threat of attack.
“Doing that causes us to improve our design and our security controls accordingly because we’re not trusting like we have in the past. This includes encrypting data while it’s in transit, while it’s at rest, explicitly authenticating and authorizing access to data and systems,” Kupfner said. “We recognize that the bureau just how critical ICAM is to our overall security posture. We’re investing in approaches that strengthen technologies, not just for the human identities, but also the non-human identities and the integrations between our systems that need to occur.”
This program is sponsored by
Please register using the form on this page or call (202) 895-5023.
By providing your contact information to us, you agree: (i) to receive promotional and/or news alerts via email from Federal News Network and our third party partners, (ii) that we may share your information with our third party partners who provide products and services that may be of interest to you and (iii) that you are not located within the European Economic Area.