Identity & Access Management

Identity Management Solutions

Comtech enables GSA to consolidate application passwords, streamline provisioning and comply with homeland security requirements.

Customer

General Services Administration (GSA)

Challenge

GSA’s IT environment needed to improve system security, reduce its management overhead and streamline its user provisioning process.

Benefits

User provisioning enhancements have expedited setup time and improved process controls for system security.

Dispersed user identities from different data sources are consolidated into a centralized data store, enhancing security.

Accessing applications require only a single password, reducing user support costs and risks.

Adherence to Homeland Security Presidential Directive (HSPD-12) requirements for a common identification standard.

The VSOC system provides enterprise security, situational awareness and operates in real time to identify and quarantine emerging network threats. The functionality and architecture can be integrated into any agency’s network security architecture within a short period of time.

Customer Profile

U.S. General Services Administration (GSA) is a widespread organization with over 13,000 employees in 11 regional offices. Agency workers are responsible for procuring offices, equipment and supplies for over one million federal workers in approximately 8,300 buildings in 2,000 U.S. communities and overseas.

Customer Challenges

Fulfilling the GSA mission requires support for hundreds of software applications across the organization. Provisioning agency employees and contractors, and supporting password sign-on for each of the required applications have required considerable IT security overhead. The heterogeneous sign-on process also creates opportunities for a security breach, should the access permissions of transitioning workers not be thoroughly deprovisioned. Moreover, Federal Homeland Security Directive 12 (HSPD-12) has required that federal agencies comply with a common identification standard for employees and contractors.

Comtech Solution

By working with GSA to understand its objectives and requirements for Single Sign-on (SSO) and E-Authentication, Comtech was able to put together a plan for evaluating products and leading edge technologies. The initial scope of the project was to develop an architecture to support SSO and Identity Management. The goal was later broadened to include providing workers with SSO passwords for all applications.
This expanded scope required looking at password synchronization, directory services, Identity Management, LDAP services, SSO and Public Key Infrastructure (PKI), all within the framework of the HSPD-12 initiative.
Meeting GSA’s objectives required Comtech to integrate leading-edge technologies into their environment.

Phase One

The first stage focused on testing and deploying E-Authentication, SSO, Meta Directory and Identity Management solutions, with backend architecture to integrate these technologies. A simulation test environment provided Comtech with the data they needed to recommend a proven and tested solution, which would permit backend replication for SSO with no user downtime, and integrate well in the entire architecture. This backend architecture solution has been rolled out at federal headquarters and is being extended to their Continuity of Business Operation (COOP) site.

Meeting GSA’s objectives required Comtech to integrate leading-edge technologies into their environment.

Phase Two

With the completion of Phase One, Comtech will be rolling out SSO, Identity Management, and Password Sync across the organization, as well as PKI. The evaluation process for these technology solutions is currently in advanced stages in Comtech’s test lab environment.

Support Services

As part of an end-to-end solution, the Comtech Network Operations Center (NOC) is playing a critical role in delivering support services for system management. In addition, Comtech is providing training for GSA’s administrative staff so that they can provide training for their system users.

Business Benefits

Comtech’s identity management for GSA is enabling the agency to reduce IT administrative costs while meeting their system security objectives. Specifically, Comtech is delivering the following benefits to the agency:

A streamlined user setup process greatly reduces the amount of IT resources required to enable new agency IT users and adjust the access permissions for transitioning or departing employees.
By accessing many applications with just one authentication step, confusion over multiple passwords and the possibility of an application-level security breach have been greatly reduced. This further reduces support costs and risks to IT assets.
GSA is able to comply with the aggressive requirements set out by HSPD-12 for meeting a common identification standard.

Summary

Through provisions of advanced technology evaluations, deployments and management services, Comtech is assisting GSA in obtaining their Identity Management system objectives. Application sign-on for users is reduced from many to just one password, providing cost reductions and time efficiencies for IT administration, an improved work flow for all IT systems users and a reduction in system security vulnerabilities. The sustenance of such reductions and efficiencies has allowed the federal government to move forward effectively.