Access Lifestyle Management Solution for Homeland Security

GOVERNMENT AND FINANCIAL INSTITUTIONS, HEALTH-CARE ORGANIZATIONS and firms operating in highly regulated industries continuously face the monumental task of managing authentication and authorization to mission-critical systems. These organizations often have large numbers of users accessing an increasing number of applications, each of which may require a different level of security and control requirements. 

VariQ was selected by the Department of Homeland Security (DHS) to research and identify an Access Lifecycle Management tool, develop an initial prototype, and implement a preliminary field test in a limited number of its agencies.

The Challenge

The challenges inherent to effective identity and access management, coupled with compliance to regulations and privacy concerns, have propelled the adoption of identity and access lifecycle management solutions. To this end, the Department of Homeland Security’s Identity, Credential, & Access Management Program Management Office established a program for developing an Access Lifecycle Management enterprise-wide service to align with its mission and cybersecurity-related directives.

The Solution

VariQ conducted market research on 24 commercial off-the-shelf products with Access Lifestyle Management capability to identify the right tool for the job, which could be integrated seamlessly into the operational environment. After a methodical Fit/Gap analysis, the VariQ team prepared a comprehensive report featuring product datasheet details and market research and Fit/Gap analysis findings, which was presented to a panel of subject matter experts that contract with the government for additional vendor alternative analysis. The panel selected SailPoint IdentityIQ as the product of choice for DHS-wide implementation.

Upon product selection, VariQ scoped out the requirements, architecture, and necessary workflows for the most common Access Lifestyle Management use cases. Within three months, a team of subject matter experts, application developers, and testers implemented a fully working prototype for the use cases identified, using an Agile approach. A key factor in the speed of the prototype creation was the development of all infrastructure directly in the Amazon Web Services (AWS) cloud. 

The prototype was successfully demonstrated to the DHS Office of the Chief Information Officer (OCIO) Information Sharing Environment Office (ISEO) leadership for their approval to launch the pilot in their respective component agencies.

The Outcome

In a record three-month timeframe, a fully working prototype was implemented for the use cases identified by the Department of Homeland Security. Significant cost savings were realized by developing all infrastructure directly in the AWS cloud, and powering up the lower environments only when these were actively worked on. Further cost savings will be realized in the future as the system is gradually rolled out to additional users, allowing upscaling of the infrastructure without significant investments for compute and storage resources.