A large Federal Department required a centralized Identity, Credential, and Access Management (ICAM) program to serve as a shared service throughout a 165,000+ user enterprise. The Department also needed to retire and transition legacy ICAM services and align enterprise ICAM services with other federal systems and policies.
Guidehouse worked with the Department's CIO, CISO, and ICAM Project Manager to develop an ICAM strategy and roadmap, and implement a comprehensive enterprise-wise ICAM program, including:
- ICAM Program Management Plan (PMP), which outlined the program’s initiatives and outcomes
- ICAM Maturity Model based on industry best practices assessed maturity and identified immediate service gaps
- ICAM Program Communications Plan provided a structured framework for communications to stakeholders across the Department
- An enterprise Identity Governance and Administration (IGA) solution1 delivering a unique record (Enterprise Digital Identity) for each individual while managing account lifecycles and permissions for employees and contractors across the Department
- A Privileged Access Manager (PAM) solution to manage credentials for privileged accounts, provide workflows for account requests, and monitor actions taken with privileged accounts through session recording
- A modern cloud-based Identity Provider (IdP) to enable secure access via Single Sign-On to the Department’s networks and applications using strong phishing-resistant authentication
Guidehouse’s support facilitates the Department’s continued success as an early adopter of modern ICAM technologies and best practices. This project also enabled the Department to adopt an Enterprise-wide Zero Trust strategy – aligning legacy ICAM platforms with new modern principles required by Executive Order 14028 on Improving the Nations Cybersecurity.
1 “Identity Governance Administration Improves Access Management.” n.d. Guidehouse.com. Accessed June 28, 2023. https://guidehouse.com/insights/advanced-solutions/2022/identity-governance-and-administration.
2 The White House. 2021. “Executive Order on Improving the Nation’s Cybersecurity.” The White House. May 12, 2021. https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/.