SBA CISO James Saunders on leveraging cloud infrastructure for remote identity management

“Agencies early in the coronavirus pandemic scrambled to scale up their IT infrastructure to handle mandatory telework and enable secure access to networks remotely.”

“Nearly half a year into this work arrangement, agencies are making the most of it and have overcome the challenges of onboarding new employees who in some cases have yet to set foot in a physical office or meet their coworkers in-person.”

“While initially creating hurdles from an Identity, Credentialing, and Access Management (ICAM) perspective, this new work environment has challenged some agency officials to rethink security beyond the four walls of an office.”

“The Small Business Administration, over the course of the pandemic, had to scale its network to handle a workforce of 20,000 personnel, about five times what it was before the coronavirus pandemic.”

“Meanwhile, this surge of new users accessing the network happened at a time when the agency closed its offices that were issuing Personal Identity Verification cards.”

“As a workaround, SBA Chief Information Security Officer James Saunders said the agency leveraged its cloud identity infrastructure to launch ‘conditional access’ that would put users on a trusted network using a trusted device to login using a username and password.”

“Those not on a trusted network or using a trusted device would have to go through multi-factor authentication, with the type of authentication changing based on the level of risk assessed by the system.”

“’We were able to put that in place and meet the same level of security requirements and rigor without requiring that PIV card. Now, once the pandemic lifts, and we get back to steady-state, we’re going to take a really good look to see which part of that stays around and which part goes back to PIV cards. But for the most part, it works,’ Saunders said Wednesday at AFCEA’s Federal Identity Forum…” Read the full article here.

Source: SBA rethinks PIV cards, State Dept. eyes zero trust with employees working remotely – By Jory Heckman, September 14, 2020. Federal News Network.

0
Tags:

This topic contains 0 replies, has 1 voice, and was last updated by  Jackie Gilbert 1 week, 1 day ago.

  • Author
    Posts
  • #107677

    Replies viewable by members only

    0

You must be logged in to reply to this topic.

CONTACT US

Questions?. Send us an email and we'll get back to you, asap.

Sending

©2020 G2Xchange all rights reserved | Community and Member Guidelines | Privacy Policy | About G2Xchange FedCiv

Opportunities. Starting Points.

About our Data

The Vault is a listing of expiring contracts, task orders, etc. within a certain set of parameters, to include:

  • Have an initial total estimated contract value of $10 million or above
  • Federal Civilian Only – DHS, Transportation, Justice, Labor, Interior, Commerce, Energy, State, and Treasury Actions
  • NAICS codes include: 511210, 518210, 519130, 519190, 541511,
    541512, 
    541513, 541519, 541611, 541618,
    541690, 541720, 541990
  • Were modified within the last 12 calendar months
  • The data represented is based on information provided by the government

Who has access? Please note that ALL G2Xchange FedCiv Members will receive access to all basic and much of the advanced data. G2Xchange FedCiv Corporate Members will receive access to ALL Vault content (basic and advanced).

Feedback/Suggestions? Contact us at Vault@G2Xchange.com and let us know what you think. 

G2Xchange FedCiv

Log in with your credentials for G2Xchange FedCiv

Forgot your details?