Office of Personnel Management (OPM) Chief Information Officer Guy Cavallo said today that his agency’s work with the General Services Administration’s (GSA) login.gov technology for authentication and identity proofing is paying off in OPM’s continuing efforts to make enterprise-wide technology improvements.
Keynoting an event organized by FCW and focusing on identity, credential, and access management (ICAM) topics, Cavallo explained that OPM provides multiple service “touch points” for citizens and Federal employees through sites such as USA Jobs and USA Performance. In line with the goal of improving customer experience, OPM wants to move away from requiring separate identities for different applications, he said.
“We’re moving into a single approach so that they don’t have a different identity with each different application,” he said. “Then ideally, we can make identity management across the Federal government that much easier.”
As part of that effort, OPM has partnered with GSA, and is “relying pretty heavily on login.gov as that common enterprise approach to remote identities,” he said. “GSA has built that to be something that you can plug in across agencies, and across applications.”
“What we’re seeing are some real advantages from that,” Cavallo said.
“From a staffing side, my technical team is working with a common solution, so when they add login.gov to one of our applications, it’s the same code, it’s the same approach, and it makes it easier for my staff to support it,” he said.
“It also allows us to take it across an enterprise view, instead of treating each application as a silo,” he said.
He said OPM is using login.gov for identity management for non-Federal employees, and for current Federal employees it allows use of a PIV (Personal Identity Verification) card, or login.gov as well. “That’s been very well received by our customer feedback.”
Integrated Approaches
Cavallo also explained improvements to identity management in the context of President Biden’s cybersecurity executive order issued last year. Among its many other provisions, he said the order means that “you can’t treat identities as a silo outside of these other requirements of data encryption and your supply chain and who gets into your applications and how to better share across agencies.”
The OPM CIO put particular emphasis on the need for an integrated approach to enterprise-wide improvement.
“One lesson that I’ve learned in my long career is that at the executive level within an IT organization, you can’t treat each of these initiatives as a separate silo, they all impact each other,” he said.
“Identity management should coexist with your zero trust strategy, which should coexist with your cloud strategy,” he said. “Doing those as separate projects with separate teams, that’s just going to make it that much harder and drive your costs up considerable.”
Elsewhere during his remarks, Cavallo emphasized that big chunks of the Federal workforce are likely to remain working remotely even as the coronavirus pandemic settles into an endemic phase. He recalled that Federal agencies were used to having 90 percent of their employees working from fixed office sites before the pandemic, but that the government flipped very quickly to enabling remote work.
“I don’t think it’s going to go back to where it was,” he said. “I think what we’ve learned in this hybrid world of work – I can tell you from my perspective – instead of only hiring people in the Washington D.C. area, or asking somebody who’s a great technician and who lives … in Colorado or the far West to move to D.C. and buy an expensive house and come work for us, now I’m able to hire those people and let them work right where they are.” He added, “it’s a different world than where we used to be.”