Federal agency approaches to identity management don’t have a single approach across the government, but vary to significant degrees with agencies’ mission focus, said LaChelle LeVan, Acting Director for Federal Identity, Credential and Access Management (ICAM) Program Office at the General Services Administration (GSA).
Speaking at the FCW Cybersecurity Summit today, LeVan said that Federal agencies don’t have a singular point of focus for ICAM, and that differing maturity levels begin with understanding mission needs, and then pursuing “a combination of processes and policies.”
Bringing identity management up to the enterprise level also ensures that talent is shared across the agency, LeVan said. For example, bringing up ICAM to the enterprise level brings together legal teams, privacy teams, human resources teams, and compliance teams – each of which can bring a different knowledge set to the table.
When asked about governance building blocks for interoperability in the extended ICAM framework, LeVan said “we can always have more guidance” in continually updating standards.
“We try to get everybody to adopt a standard. Proprietary is never a good option,” LeVan said. Identity management practices have changed over the years, and although maturity levels are varied across agencies, agencies are nonetheless making progress according to their mission needs, she said.