Case Study

Credential Management Solution Strengthens Access Controls

Enterprise-wide ICAM strategy reduces risk and improves cybersecurity resilience.

Challenge

A large Federal Department required a centralized Identity, Credential, and Access Management (ICAM) program to serve as a shared service throughout a 165,000+ user enterprise. The Department also needed to retire and transition legacy ICAM services and align enterprise ICAM services with other federal systems and policies. 

 

 

Solution

Guidehouse worked with the Department's CIO, CISO, and ICAM Project Manager to develop an ICAM strategy and roadmap, and implement a comprehensive enterprise-wise ICAM program, including:

 

  • ICAM Program Management Plan (PMP), which outlined the program’s initiatives and outcomes
  • ICAM Maturity Model based on industry best practices assessed maturity and identified immediate service gaps
  • ICAM Program Communications Plan provided a structured framework for communications to stakeholders across the Department
  • An enterprise Identity Governance and Administration (IGA) solution1 delivering a unique record (Enterprise Digital Identity) for each individual while managing account lifecycles and permissions for employees and contractors across the Department
  • A Privileged Access Manager (PAM) solution to manage credentials for privileged accounts, provide workflows for account requests, and monitor actions taken with privileged accounts through session recording
  • A modern cloud-based Identity Provider (IdP) to enable secure access via Single Sign-On to the Department’s networks and applications using strong phishing-resistant authentication

 

 

Impact

Guidehouse’s support facilitates the Department’s continued success as an early adopter of modern ICAM technologies and best practices. This project also enabled the Department to adopt an Enterprise-wide Zero Trust strategy – aligning legacy ICAM platforms with new modern principles required by Executive Order 14028 on Improving the Nations Cybersecurity.  

 

 

   
 

1 “Identity Governance Administration Improves Access Management.” n.d. Guidehouse.com. Accessed June 28, 2023. https://guidehouse.com/insights/advanced-solutions/2022/identity-governance-and-administration.

2
The White House. 2021. “Executive Order on Improving the Nation’s Cybersecurity.” The White House. May 12, 2021. https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/.

Amanda Kane, Partner

Christine Owen, Director

Kevin Shaw, Partner


Let Us Guide You

Guidehouse is a global consultancy providing advisory, digital, and managed services to the commercial and public sectors. Purpose-built to serve the national security, financial services, healthcare, energy, and infrastructure industries, the firm collaborates with leaders to outwit complexity and achieve transformational changes that meaningfully shape the future.

Stay ahead of the curve with news, insights and updates from Guidehouse about issues relevant to your organization and its work.