About five years ago, the Office of Justice Programs embarked on a large IT modernization initiative that included an upgrade for its grant management system. Given OJP’s already large cloud footprint and the significant nature of the upgrade, officials determined that it was an ideal time to introduce a modern identity management application.
“It was the perfect candidate for identity and access management modernization in that it not only encompassed the identities of our internal agency but also required us to federate with other components within the Department of Justice as well as law enforcement agencies, governors’ offices and other grantees around the U.S. that apply for our grants,” said OJP CISO and IT Security Director Jaime Noble at the Okta Gov Identity Summit 2025 in March.
With federated identity management, OJP can award grants to support law enforcement and victims of crime across various U.S. communities, Noble said.
Click the banner below to see how identity and access management can improve the user experience.
“There were three types of identities that we needed to store and protect to not only have access to our grants management system but also to be able to do business across some of our other information systems,” she said. Those identities are staff, contractors and applicants.
OJP adopted Okta Identity Cloud to create a better user experience and to bolster security through robust identity verification.
Smoothing the User Experience for Accessing Sensitive Data
To begin the work, OJP looked for potential partners who already had adopted a centralized identity management solution. The agency partnered with the Executive Office for United States Attorneys, which was “pretty far along in its journey,” Noble said. The executive office provided strong guidance and “wonderful resources” to assist.
In making the transition to Okta Identity Cloud, OJP had to align identity management modernization with its business objectives and communicate the value of that work to its stakeholders and constituents. The OJP user base is spread across the world, not just the U.S., Noble said. Her office must know who is accessing what data, how and when they are accessing it, and if that access is appropriate.
The office had to ensure a good user experience to provide access to sensitive information and do so in a human-centric way.
“We want a frictionless experience for our users. We want it to be easy for them. That was actually something that was of value to them. We were able to deliver a seamless digital experience not only for our internal users but also for our federated component users and the stakeholders around the country,” she said.
Proving Out Identity Management Across Use Cases
Substantive identity management programs are expensive, Noble acknowledged, but OJP sees some return on its investment.
First and foremost, the agency has seen a significant decline in phishing attacks, which secures its enterprise. It also has seen a big drop in IT service desk calls, as Okta Identity Cloud includes self-service for resetting passwords and other troubleshooting through multifactor authentication.
UP NEXT: DOD needs better data management for decision making.
Organizations across industries — particularly in the financial sector — are experiencing more attempts at fraud when it comes to identity management, Noble said: “As cyberthreats continue to evolve, the expectation is that identity security is going to play more of a central role. More and more, it’s natural for our user base to expect more security, and more value from their security, as cybersecurity threats are evolving and coming at us fast and furious.”
The success of adopting the Okta identity management solution for grants management helped clear the way for Noble to apply it to other systems.
“It really allowed us to get the buy-in we needed to then go back to some of our legacy applications and start modernizing their identity and access management solutions as well,” she said.
