Identity can be a slippery thing in the digital age. How do you prove who you are online so you can access the information you need? Identifiers used in log-in information such as names, usernames, email addresses and IP addresses can be the keys to an individual’s digital universe.
For government to be trusted with those keys so that citizens can have access to e-services and employees can do their work, it’s crucial to have a system in place that can reliably administer the right access to information to the right people. That’s why Identity Access Management (IAM) is being approached carefully and thoughtfully by State experts, with help from industry-leading IAM technology.
Identity management is currently in the crosshairs of security experts nationwide. Howard Schmidt, White House cybersecurity coordinator called out the importance of establishing solid identity management solutions at a Jan. 31 conference sponsored by the Center for Strategic and International Studies. He spoke to the need for more comprehensive, and greater, identity protection and assurance while online, according to a recent Federal Computer Week article.
Minnesota is rising to the challenge. The State is well on its way to creating an IAM system that provides optimal security for accessing state applications and protecting citizen data. Currently, project leaders are offering “Technical deep-dives” (informational/planning sessions) on initial IAM application migrations.
An IAM system can eliminate the need for multiple logins and passwords for state government e-services. This can minimize credential confusion by giving users one identity, so they can access a single self-service portal for registration, password resetting, managing user accounts, and other centralized functions.
In addition to improving security, the IAM system is being designed to have the benefits of cost savings for agencies and increased confidence in disaster recovery/continuity of operations efforts. Having a single, centralized State IAM system will also ensure adherence to Federal Identity, Credential, and Access Management (FICAM) guidelines.
The pursuit of Minnesota’s IAM initiative began with the creation of a governance structure for IAM in 2009. In 2010, the Oracle Identity Access Management Suite was selected to be the State’s technology for IAM. A key factor in this choice was Oracle’s ability to provide enough licenses for State employees, State business partners and the citizens of Minnesota. In 2011, the IAM Service Development Program defined business, functional, and technical requirements, vetted the total cost of ownership, and deployed the IAM system in the production environment. To add another layer of security, it was determined that the system be highly redundant in the main data center and recoverable in the backup data center within two hours.
Other key accomplishments for 2011:
The proof of concept was completed in February
Development of the shared service began in March:
Business and functional requirements were gathered from 12 agencies
Technical requirements, architecture and use cases for IAM were developed; clustered operational system was implemented at OET and the testing phase began
The pieces are falling into place to make this solution a reality. A clustered IAM system at OET is currently operational and being tested. Agencies involved in initial implementations are the Office of Enterprise Technology, The Department of Human Services, and the Minnesota Department of Health. Other implementations will occur in phases.
Work on the recovery system at the SRC (State Recovery Center) is in development. During 2012, before application migrations take place, the team plans to provide in-depth workshops for other interested agencies. Contact your account manager to get your application into the migration pipeline.
OET Client Relations: firstname.lastname@example.org
Or -- submit a request using OET’s service catalog at: https://www.servicecatalog.oet.state.mn.us/MNIT/