Panel Discussion Highlights Federal Identity Management of the Future

    WASHINGTON, DC -- The Department of Defense (DOD) Chief Information Office (CIO) was among more than 200 federal government leaders and industry partners who gathered at the One World Identity, Know Identity Conference in Washington D.C. in late March to discuss how the two groups can work together to create identify management platforms of the future.

    U.S. Army Col. Tom Clancy, the Identity Management and Public Key Infrastructure lead for the Department of Defense (DoD) Chief Information Officer (CIO) participated on a panel focused on the future of government identity, which included representatives from The Department of Homeland Security and The General Services Administration. The panel was moderated by Mike Garcia from the National Institute of Standards and Technology (NIST).

    The colonel immediately began his remarks highlighting Secretary James Mattis’ three lines of effort within the National Defense Strategy for the Department of Defense: Rebuilding military readiness to build a more lethal force, strengthening alliances to attract new partners and reforming the Department’s business practices for greater performance and affordability.

    “Identity Management has a role in all three of Secretary Mattis’ priorities,” said Clancy.

    Each panelist agreed standards across the government are key to determining the future of identity management. Effective standards for identity management directly fall into all three key priorities from the National Defense Strategy.

    The National Institute of Standards and Technology (NIST) Special Publication 800-63-3 specifically is the policy which provides technical requirements for federal agencies implementing digital identity services. This publication also specifies the guidelines for identity management proofing and authentication for government information technology IT systems over open networks..

    “Standards across the government such as NIST Special Publication 800-63-3 for Digital Identity guidelines are very useful and allow us to work together,” said Clancy. “Gone are the days of writing up exquisite requirements. We have to be more agile. Publication 800-63-3 is a big milestone and the approach at DoD is we have really gone all in and we are working to harmonize and have helped build the consensus with partners across multiple infrastructures.”

    This standard has created efficiencies at federal agencies aside from the Department of Defense.

    “We have a long and strong relationship with the Intel community,” said Clancy. “Harmonizing these relationships drive down costs.

    Clancy noted that reports that DOD will no longer use the common access card (CAC) are not true.

    “Two years ago the CIO kicked off an examination into the future of CAC,” Clancy said. “After that, we are actually planning on making the CAC better, and issuing additional authenticators to meet mission needs, but we are not getting rid of the CAC. There is no plan for that.”

    Each of the panelists agreed that industry partnerships are key to the long-term success for the future of identity management within the Federal government.

    “We must have a meaningful dialogue with all of our stakeholders in order to be successful long-term,” said Clancy. “Scale, performance and assurance are needed for the success of identity management platforms.”