Military enhances identification and access management abilities at tactical field levels
The United States Army is embarking on a significant modernization journey with its Identity, Credential, and Access Management (ICAM) capabilities. The goal is to extend these advancements down to tactical units, providing commanders with the flexibility to establish federation at their local levels.
In a move towards automation, the Army is deploying modernized automated account provisioning (AAP) and privileged access management (PAM) later this year. According to Andre Townes, interim deputy product lead for Enterprise-Identity, Credential and Access Management (E-ICAM), the focus is on automating account provisioning, ensuring no orphaned accounts, and enforcing segregation of duties across financial systems.
The Army integrated with the Defense Department's federation hub earlier this year, a step that paves the way for a more unified approach to ICAM. Jack Wilson, program manager for Interoperability, Integration and Services (I2S), stated that tactical ICAM is in phase two demonstrations with an operational unit, where the technology is being tested during live field exercises.
The Defense Information Systems Agency (DISA) has taken responsibility for integrating myAuth into the Army's E-ICAM program. myAuth, a new identity credentialing system launched by the Defense Department, aims to transition more than 20 million users by the end of fiscal 2026. The Army is currently evaluating myAuth specifically for retirees and beneficiaries.
The Army's focus on ICAM is driven by the need to address the weaknesses highlighted in multiple inspector general reports. Across yearly audits, these reports have pointed to problems with segregation of duties and access controls in the Defense Department's financial management systems. The 2024 DoD IG report found that the Defense Department lacked sufficient access controls over financial management systems to ensure proper user access and timely access removal.
To address these concerns, the Army is exploring the use of artificial intelligence to identify threats based on anomalous user access behavior. The goal is to understand user behavior patterns and enhance security measures.
Moreover, the Army is developing software-based, programmable solutions for the tactical community that do not put stress on available bandwidth, compute, or storage. This is crucial for ensuring that ICAM is brought into the tactical environment for warfighters in the field, providing visibility into who is using what system at what time and for the right reason.
A November 2024 DoD CIO memo mandated that all financial systems support internal controls over financial reporting and onboard an identity provider by the end of fiscal 2025. ICAM will play a crucial role in modernizing the Defense Department's financial management systems as the department works towards achieving a clean audit opinion by 2028.
The next step for the Army is extending those capabilities down to tactical units and giving commanders the flexibility to establish federation at their local levels. This will not only improve the security of financial management systems but also enhance the Army's ability to operate effectively in various tactical environments.