High Assurance OneBadge
Executive Sponsor: Tim McKnight, VP, Information Systems Security
Project Team: Russell Koste, Charles Marttila, Barbara Lawrence, Amy Daniels, Gus Pilarte, Tim Powell, Mark Burns, Gary Trexler, Marv Jackson, James Ryan, Carol Spain, Chuck Schwartz, Elizabeth Taylor, Jennifer Hensley, Lynn Massengale, John Clark, Carla Seaborn, Ken Sprinkle, April Martinez, Mary Hicks, Aiko Woods, Bobbie Helbringer, Kimberlee Hendricks, Rita Kohn, Bill Goodhand, Dennis D’Alessio, Greg Ewing, Bob Fraser, Jim Vreeland, Marcia Bradley, Ed Clark, Anne Swanson, Doug Wickman
The Northrop Grumman High Assurance OneBadge project developed, implemented and deployed smart card technology across the corporation providing enhanced protection from unauthorized access to company facilities, networks and data. The OneBadge implementation standardizes employee logical and physical access controls and is aligned to Homeland Security Presidential Directive (HSPD) 12, the identification standard for government employees and contractors. Northrop Grumman’s new identity badge is the first corporate credential to be accepted by the Department of Defense (DoD) and the Federal Public Key Infrastructure (PKI) Bridge to enable secure collaboration with Northrop Grumman’s government and commercial customers and partners.
Automated Identity Governance
Executive Sponsor: Jerry Archer, Chief Security Officer
Project Team: Lorne Cheney, Caroline Williams, Susan Parkhill, Chris Tuten, Jennifer Darwin, Janell Lenahan, Mark Goodin, Chris Thieman, Chad Haselby, Lisa Dougherty, Jadi Willison
Compliance mandates can be a quagmire for IT resources and budgets: in the past, Sallie Mae had spent several millions of dollars to comply with the Federal Information Security Management Act (FISMA) – one of several regulations the company is subject to – due to inefficient, manual processes. In December 2009, Sallie Mae began an aggressive identity governance project to address spiraling compliance costs. Within six months, the company completely re-architected its IT compliance processes related to identity management and established an automated, repeatable process that is projected to save the company significant expense while improving the company’s overall IT risk and compliance posture.
The Self-Funded Courion Access Assurance Implementation
Executive Sponsor: David Rowan, Director, Enterprise Technology Risk Management
Project Team: Wendy Booker, Amanda Jamison, Jennifer Graham, Emily Steele, Melissa Swint, Heather Voigt, Cheryl Cox, Tim Youngstrom, Claude Lewis, Lavoris Smith, Dan Goodberlet
SunTrust worked with Courion to come up with a plan in which all of its goals would be met, with the added bonus of structuring the deployment in such a way that the recognized benefits of the technology would literally negate the cost of implementation over a period of 36 months. Based on our goals, Courion helped structure the sale of its Access Assurance Suite so that the capital expenditure can be amortized over the course of several quarters or years, relieving any impact whatsoever on the IT budget. This enabled the project to address our strategic, technical and financial goals.