How Agencies Can Start Modernizing IAM Systems
Upgrading IAM systems requires modernizing the underlying technology as well as the business processes connected to these solutions. Agency IT leaders need a clear view into how all their existing users, systems and applications tie into their IAM and PAM solutions. Users include not just employees and contractors, but their devices as well. The systems can range from human resources, payroll and enterprise resource planning to networking, messaging and mission-critical applications.
IT leaders can and should start with an in-depth assessment to determine where they sit on an IAM maturity model. That will help determine how well agencies are managing the user lifecycle and show which users have access to which apps or data, under which circumstances and when. It will also help assess whether their systems are using commercial tools that can be updated and eventually automated.
Assessments also need to determine the agency’s processes for change management and user support related to IAM.
Following a comprehensive assessment, IT leaders can start building a roadmap for modernizing IAM solutions in line with the agency’s mission and business goals, all under the rubric of zero-trust principles.
The final strategy document calls for the deployment of centralized identity management systems for agency users that can be integrated into applications and common platforms, as well as for the adoption of strong multifactor authentication. Importantly, the strategy notes that “when authorizing users to access resources, agencies must consider at least one device-level signal alongside identity information about the authenticated user.”
This process will likely take several years, so agencies will need to start with pilot programs and establish key milestones. Working with trusted partners like CDW•G, agencies must also look forward and determine what kind of funding they will need to ensure that modernization continues.
IT leaders should also consider what kind of long-term support and expertise they will need to maintain enterprise-level IAM systems that enable zero trust. At the same time, they should consider how to modernize business processes related to IAM, such as onboarding new users and contractors and deactivating access for those leaving the agency.
Modernized IAM Offers Benefits to Federal Agencies
There are many obvious benefits to a modernized approach to IAM, including the ability to support just-in-time access, in which users get access for a defined period of time, perhaps just a few hours, so that a specific task can be performed.
Modernizing IAM also enables agencies to enhance their productivity by onboarding and offboarding users more quickly and accurately. Upgraded IAM tools are also more adaptable and responsive to changing mission requirements and government mandates.
Additionally, upgraded IAM systems make it easier for agencies to leverage strong multifactor authentication for a variety of use cases: government to government, government to business and government to citizen. Each has specific requirements around identity proofing, depending on the risk posture of the application or use case.
The shift to zero trust is really a rallying cry for implementing modern IAM tools. These tools are needed now more than ever as agency workforces continue to work remotely. The time to modernize IAM solutions at agencies is now.
This article is part of FedTech’s CapITal blog series.