Complying with OMB Memorandum 11-11
Meeting the nation’s growing cybersecurity threat through continued implementation of HSPD-12 and ICAM
As the demand for information sharing has increased across federal agencies, demand for information security has lagged behind but for good reason. As noted in the following three use cases, information security practices often seem to obstruct stakeholder efforts to accomplish mission priorities:
- Every application owner has to explicitly vet each new user, determine whether to grant access to the new user, and then create an account for the new user accordingly.
- When one user gains basic or privileged access to two or more applications, each application owner may unwittingly assume the risk of granting the user privileges to submit and approve funding requests, for example.
- When a privileged user separates from an agency either voluntarily or involuntarily, who revokes the user’s access privileges for each application? What is the agency’s access revocation process? How efficiently and effectively does it execute the process?
Instead of employing one enterprise identity, credential and access management (ICAM) system and support staff to manage access for all enterprise applications, most organizations employ a separate ICAM system and support staff to manage access for each enterprise application. What if each organization could leverage one identity and one secure credential to manage each user’s access to all enterprise applications, including physical access control systems?
Deloitte is helping federal agencies to implement streamlined and integrated ICAM systems across the federal government at organizations like the Department of Health and Human Services, the Department of Treasury, and General Services Administration. Not only is Deloitte helping agencies to leverage PIV credentials for logical and physical access, but Deloitte knows how to effectively and efficiently produce and maintain the PIV credentials themselves:
- Implemented a fully FIPS 201 compliant shared services solution for GSA and 40 customer agencies in 60 days
- Deployed a fully operational credentialing system in just 96 days for TSA that delivered credentials to 28 sites
- Planned and managed the initial and subsequent deployment and maintenance of the Common Access Card for all DoD users since 1999
- No other vendor has delivered as many HSPD-12 systems as Deloitte
- Operated for HHS, TSA, and GSA over the last 3 years
We have over 160 people dedicated to security and identity management, holding specialized certifications such as CISM, CISA, CISSP, CIPP, and ISC2 PMP. Deloitte has the expertise, resources, and experience to help any agency design and implement the kind of comprehensive ICAM solution required by HSPD-12, the FICAM Roadmap, and OMB M-11-11.