3 stages of identity consolidation

Here are the building blocks and the capabilities that result from a consolidated identity management system. Most agencies are still wrapping up work on the first step of issuing credentials.

1: Preparing the People

Identity Proofing -- Homeland Security Presidential Directive 12 set agencies to work conducting background investigations of government employees and contractors as part of the identity management process. As of Dec. 1, 2009, background checks had been verified or completed for 2,755,682 government employees (59 percent), according to the idmanagement.gov Web site.

Credentialing Process -- Collectively, agencies have enrolled and issued computerized personal identity verification (PIV) cards to the majority of their employees (86 percent) and contractors (72 percent).

2: Preparing the Systems and Applications

Centralized Directory -- A centralized directory for identity data serves as a key piece of the ID management foundation and interacts with many other components. A number of departments and agencies, including the Agriculture, Homeland Security and Justice departments and NASA, have launched plans to combine multiple existing directories into one central resource at their respective organizations.

Integrating Applications -- Software applications, Web sites and physical security controls, such as building entrances, must be configured to work with PIV cards and the centralized identity directory. Development priorities are typically geared toward high-risk, high-payback systems. Ultimately, agencies might choose to implement a single sign-on for multiple applications or groups of related applications.

Enabling Laptop and Desktop PCs -- User hardware must have smart card readers. The Agriculture Department is using smart cards on 55,000 laptop PCs and plans to cover its desktop computers by the end of the fiscal year.

Connecting to Trusted Partners -- Agencies' centralized identity systems will interface with trusted networks, such as the Open Identity Exchange, so that agencies can accept credentials issued by other public and private entities for interagency collaboration and citizen access to government services.

3: Streamlining Identity Management

Provisioning/Deprovisioning -- Centralized account management reduces the cost of maintaining separate systems and provides a comprehensive way to add, modify and delete accounts when employees are hired, change jobs or leave the government.

Auditing and Reporting -- Agency officials can use the consolidated system to see who has accessed particular systems and verify policy compliance.

Program Management or Governance Office -- Integrated identity management can be an arduous and ongoing undertaking. A program manager or office can help guide the launch of the identity management solution and oversee the schedule and budget. The governance team keeps key stakeholders informed about major milestones.

About the Author

John Moore is a freelance writer based in Syracuse, N.Y.
