The Defense Department wants to stand up a system for managing the digital identities of every one of its personnel, and it’s looking to the security community for help.
On Friday, officials at the Defense Information Systems Agency announced it was looking to create a system that would let the Pentagon oversee the digital credentials and online activity of the people who use its IT infrastructure. The tech, called the Enterprise Identity Service, would store the usernames and passwords for employees, vendors and other authorized users in a single record, which they could then use to access the networks and platforms they need for their jobs.
The system would also allow the Pentagon “to centrally monitor, manage, secure, and audit identity, access and authorization seamlessly across [components] and their dynamic and disjointed computing environments,” DISA officials wrote in a call for white papers. Though individual components are exploring their own strategies for managing digital identity, the department’s disparate IT ecosystem prevents that sort of enterprisewide control, they said.
Identity, credential and access management, or ICAM, tools are essential for cybersecurity—even the strongest digital defenses are worthless if organizations can’t control who has access to the system they’re protecting. While the government has historically relied on physical credentials like common access cards to manage that access, those old strategies aren’t as conducive for new technologies like cloud, artificial intelligence and mobile platforms.
Our IP Address: