On May 1, 2024, the Department of the Navy’s Information Superiority Executive Steering Group formally designated Naval Identity Services as an Enterprise Information Technology Service for the DON. NIS is the second DON enterprise service, and the first for Program Executive Office for Digital and Enterprise Services (PEO Digital) after the designation of Naval Air Systems Command’s Naval Integrated Model Environment service for Model-Based Systems Engineering in March 2023.
The NIS enterprise service designation covers Identity, Credential and Access Management (ICAM) capabilities available to unclassified Navy shore users, with expansions planned to address Secret, Marine Corps and afloat/tactical use cases planned in fiscal year 2024.
“Enterprise information technology services are a huge force multiplier: these services allow our entire enterprise the ability to do more for less with greater security, quality and speed,” Department of the Navy Chief Information Officer (DON CIO) Jane Rathbun said.
ICAM manages access that users have to data and applications based on authenticating their identity and authorizing their ability to see and interact with specific digital resources based on their role. Robust ICAM capabilities are the cornerstone of modern zero trust application architectures, as described in the latest DON Major Design Concept to Implement Zero Trust concept.
ICAM improves the user experience by replacing the need for multiple duplicative System Authorization Access Requests (SAARs) with a unified, automated workflow that reuses authoritative data. Similarly, ICAM enables single sign-on to avoid repetitive logins to different applications. Among other benefits, ICAM also eliminates significant audit deficiencies in IT general controls that have led to a DON material weakness and vaults the escalation of access for privileged users (often a source of the most significant cyber vulnerabilities).
“Making NIS the enterprise service for ICAM is a significant step to achieving the goal of the DON’s Capstone Design Concept for Information Superiority, which is to securely move any information from anywhere to anywhere, to help the Department of the Navy achieve a favorable financial audit opinion, and to comply with Congressional and Department of Defense Chief Information Officer requirements to deliver a zero trust implementation plan by 2024,” Rathbun said. “Even more so, NIS enables a better customer experience by removing pain points everyone has felt with getting and using access to applications.”
PEO Digital Executive Director Louis Koplin said, “Enterprise services are obviously in our name – this is the first in what we hope will be many offerings to receive this DON CIO designation. But the key is to create enterprise services that are compelling in and of themselves: lean or efficient, learning or improving based on feedback and enabling or making life easier for those adopting them. When we do that, people will naturally want to adopt those enterprise services, because they are cheaper, faster, better, more secure and less effort than building your own.”
The current DON CIO Major Design Concept for Adopting Enterprise Services establishes standards and criteria for self-assessments by candidates for enterprise service designation. These are meant to ensure that enterprise services are credible – that they are orderable, supportable, performative, secure, scalable and so on. NIS went through an extended process over the course of a year, from an initial self-assessment which found services insufficiently mature, through a series of targeted improvement exercises, to a second self-assessment that showed significantly improved maturity across the board. Briefing these results to DON governance via the Information Superiority Executive Steering Group provided an important checkpoint.
“We are extremely proud of how far we’ve come,” Teri-Lee Holland, NIS product owner, said. “We’ve always had to go fast because we’re solving important problems for the DON, and we’ve been innovative in how we’ve done so by leveraging Other Transaction Authorities, but we also need to make sure that NIS is being built for the long term, and will be an enduring pillar of DON IT. This is one that app owners and end users are happy to have.”
“Ideally, an enterprise service designation reflects how everyone already feels about a product or service,” Koplin said. “When you build something with a compelling value proposition – it works, it helps, it’s free – you don’t have to pressure anyone into using it. But we would not have gotten here without the enterprise services framework, both the standards and criteria in the major design concept and the forcing function of our steering group governance. It’s a big achievement, and I think it’s going to get easier from here on out.”
Not Yet a Premium Partner/Sponsor? Learn more about the OS AI Premium Corporate and Individual Plans here. Plans start at $250 annually.