Identity, Credential, and Access Management (ICAM)
Ensuring that the right person is accessing the right information at the right time for the right reason is a foundational element of any organization’s cybersecurity practice. The challenge lies in an organization’s ability to achieve secure, scalable, and interoperable information sharing, user access, and validation. The records maintenance systems must also adhere to all laws, mandates, and guidance from FISMA, GSA, OMB, NIST, and DHS. MindPoint Group has the experience that will help your organization develop high-level overviews to garner executive buy-in and navigate the acquisition process. Ultimately, our goal is to enable your organization to implement the tools, solutions, policies, and procedures that will ensure the security of your information and people.
The GSA’s Continuous Diagnostics (CDM) program aims to strengthen government networks and systems to ensure that risks are prioritized and found on an ongoing basis. As members of the program’s “tiger team”, MindPoint Group has experience with guidance, implementation, and process development for the CDM initiative. MPG leverages our experiences to ensure your organization’s security, scalability, and interoperability. We have studied, digested, and implemented federal laws, mandates, and initiatives regarding Identity, Credential, and Access Management (ICAM) for several organizations. Utilizing our knowledge and experiences allows us to:
1. Develop high-level overviews.
• Use applicable guidance knowledge needed for your organization’s industry.
• Perform a thorough gap analysis of resources, services, tools, policies, procedures, etc.
• Create a road map that will outline the needs and requirements for compliance.
• Package all of this in an easy-to-digest report or slide deck that will gain executive buy-in.
2. Perform in-depth Decision, Analysis, and Recommendation (DAR) report development for process, tools, and services.
• Perform data assessment to determine the who, what, where, when, and how for access to your organization’s information and people.
• Leverage our experience with different vendors to assist with product identification and selection.
• Ultimately select the resource, service, tool, etc. that will be implemented.
3. Implement, monitor, and maintain newly adopted resources, services, tools, policies, and procedures.
• Configure tools and services for security, scalability, and interoperability across the environment.
• Determine the ideal resource allocation to increase return on investment.
• Develop policy and procedural documentation that will serve to govern the entire ICAM program.
Our solution can assist with the development of a mature ICAM program that incorporates:
• Leveraging your organization’s process for identity proofing to establish a system entity, and a thorough review, vetting, and adjudication of identity history, documentation, and background checks.
• Determination of which attributes are required for an entity’s digital identity assignment.
• Creation and assignment of a digital identity within the appropriate tool, system, and/or application.
• Determination of correct credentialing mechanisms.
• Maintaining conformance with FIPS 201 and FIPS 140-2.
• Binding of a digital identity to a credential mechanism.
• Issuance of credentials to the correct individual.
• Guidance for implementation of Attribute-Based Access Control (ABAC).
• Ensuring that all tools, systems, and applications are capable of authorizing individuals based on established ABAC.
• Implementation and guidance for Privileged Access Management (PAM) systems to ensure the “keys to the kingdom” stay within “the kingdom”.
• Configuration and support of physical access control and security software and hardware.
• Remote and in-person monitoring of intrusion detection, physical access control (PACS), and Closed Circuit Television (CCTV) systems.
• Provisioning and de-provisioning of facility access.
• Discovery and sharing of attributes between different systems/applications to promote interoperability, including simplification of the process for establishing an identity across multiple systems/applications.
• Transformation of a token or credential into an alternative format.
• Establishment of a mutual relationship between parties through the adoption of common policies and standards.
• Development and implementation of policies and procedures to manage and improve your ICAM program.
• Determination of auditable information for the monitoring and reporting of the ICAM program’s adherence to policies, procedures, and all applicable laws, mandates, and guidance.
• Monitoring network connectivity and endpoint operating system integrity.
• Management of Identity Management Systems (IDMS).