Continuous Diagnostics and Mitigation Program Identity and Access Management - Who is on the Network? [open pdf - 180KB]
From the Document: "The Cybersecurity and Infrastructure Security Agency's Continuous Diagnostics and Mitigation (CDM) Program is a dynamic approach to fortifying the cybersecurity of government networks and systems. The CDM Program provides cybersecurity tools, integration services, and dashboards to participating agencies to help them improve their respective security postures. The CDM Program ultimately reduces the threat surface and improves federal cybersecurity response through four capability areas: Asset Management, Identity and Access Management (IDAM), Network Security Management, and Data Protection Management. The IDAM capability is intended to manage the access and privileges of agency network users. Managing who is on the network requires the management and control of account and access privileges, trust determination for people granted access, credentials and authentication, and security-related behavioral training. IDAM is deployed within the CDM Program through four component capabilities: trust determination for people granted access (TRUST), security-related behavioral training (BEHAVE), credentials and authentication (CRED), and management and control of account and access privileges (PRIV). These four capabilities have significant interdependencies and are managed together as part of the IDAM capability area. IDAM encourages enhanced cyber hygiene through the utilization of identification, authentication, and authorization."
U.S Department of Homeland Security Cybersecurity and Infrastructure Security Agency: https://www.cisa.gov/