In the age of the COVID-19 pandemic, Federal experts say it is important to standardize both data architecture and processes so that people can access data from wherever they are, and better manage those architectures once they’re in place.
During ATARC’s webinar on April 1, “Identity-Centric Security: The New Agency Perimeter,” Federal experts shared why these practices are important and what tools agencies can use to make the process easier.
“There is a lot of work happening right now to have standardized architectures and make those similar across government. The other thing that we need to get better at as we’re working through this, it’s not just standard architecture but also standard processes,” said Nicole Ballard, manager of identity and access management at Sandia National Laboratories.
“Oftentimes, the implementers are left with the burden of figuring out the operational processes for continuing to maintain and manage those architectures once they’re in place. So, I think as long as you get the technology side aligned with the process side of things, then it will definitely be easier for people to all march to the beat of the same drum,” she added.
Kenneth Myers, chief Federal ICAM architect at the General Services Administration (GSA), agreed with Ballard and said the pandemic changed the way data is accessed.
“Identity is important when you need to access data. You want to make sure people have the right access no matter where they are, and I definitely agree that that was a challenge coming into the pandemic,” Myers said.
In order to combat this challenge, Myers said his agency’s Federal Identity, Credential, and Access Management (FICAM) Architecture is meant to standardize architectures across the Federal government and help agencies to protect their data.
However, Myers said FICAM provides guidance to the entire Federal government, and agencies may need additional guidance to meet their specific architecture goals.
“The main pain points or challenges with the FICAM architecture is the purpose of the architecture: it’s a government-wide architecture,” Myers said. “It’s not meant as a specific agency solution, it’s meant as a government-wide reference architecture. From that perspective, the terms may not match up to what would you might be doing in your agency.”
GSA provides guidance and playbooks for agencies to help guide them in their FICAM implementation process, but Myers encouraged agencies to reach out to GSA for additional guidance.
“Reach out and let us know what challenges you see and I’d love to work together to make it easier. I mean that’s the whole point of our office is collaborating and understanding,” Myers said.