Success Story / Cross-Entity Collaboration
Department of Homeland Security enables cross-agency collaboration
RadiantOne tightened security while accelerating information flow across agencies.
The DHS was responsible for securing access to systems across numerous agencies despite significant identity sprawl. This led to a convoluted process around sharing data across agencies—an ongoing roadblock for key initiatives. Keeping a high degree of access control over this wide array of systems and points of entry presented a constant challenge to the DHS’s IT personnel.
To accelerate their access and governance processes and respond faster to agency access requirements, DHS set up the Trusted Identity Exchange, or TIE. TIE manages the digital flow of identity, credential, and access-management data for DHS employees and contractors. It establishes a ‘one-stop shop’ of trusted information about the people who access DHS applications and data.
The DHS gained a massive increase in operational efficiency—with a central interface and streamlined process for requesting and obtaining identity data, there is decreased effort required for granularly extending access to the myriad agencies and applications. The team radically accelerated cross-agency collaboration, while adding security and improving privacy compliance.
The Department of Homeland Security (DHS) consists of many of the nation’s most essential programs and agencies, including FEMA, TSA, US Borders and Protection Agencies. In a national security crisis or natural disaster, it’s imperative that these agencies and their staff can collaborate, immediately.
However, they were bogged down by an antiquated and complex IT infrastructure. The IT team struggled to keep up with access requests from federal employees to the DHS network for email, facility control, training, and time and attendance systems. They were saddled with a time-consuming, manual process for granting access: identity sprawl left them without a modern method for sharing data. DHS needed a way to simplify its identity infrastructure and enable interoperability between systems. Because of the sensitive nature of the data, they also needed to be highly selective about what data was going where, to ensure compliance with internal security and privacy rules. To address these complex challenges, DHS developed a solution called the Trusted Identity Exchange to create the one unified identity platform they needed to quickly and securely enable multi-agency collaboration.
“Being able to provide one magical source of a bunch of data to your downstream systems is huge. Now whether the organization or company uses SailPoint or whether it’s Okta, whether it’s Saviynt or whatever it is, just a single source of identity data is huge, for an identity system or provisioning system, any workflow system.”
The DHS’s identity infrastructure was fragmented and presented significant challenges for managing ever-increasing requests for access. Their dispersed system required a lot of manual effort to navigate even basic access requests for internal users. The existing process to add new employees required multiple paper forms (!!!) to be generated and sent via email or faxed to a number of individuals, who then had to hand-enter Personally Identifiable Information (PII) from paper forms. The outdated IAM system led to unsustainable business practices bound to introduce errors.
In addition, every “consuming” application required a unique collection (and formatting) of the user’s digital identity and credential data to manage access to protected resources, such as federally managed facilities, information systems, and data. These applications could range from a physical building door reader to a computer connected to the DHS network, or to any application on the DHS technical environment.
Even for the more “automated” element of system-to-system communication, each system had to make multiple connections to different identity sources. And there were many consuming applications that needed access to the data of these authoritative systems. So for every new consumer it was a burden on the IT team to either create a new API, expose a new interface, manage a new set of ACLs for applications, or create files and a job to send them or put them on a server. It was a system overdue for modernization.
It was hugely cumbersome to manage, and there was a major loss of visibility into where data was going—who has access, who needs access, where has it been shared? Security and privacy teams were concerned—there was no way of managing or tracking all of this data.
The team at DHS knew they needed to modernize their IAM system to incorporate change faster, automatically, and with more transparency to meet compliance requirements. The new system needed to leave in place what was working—the authoritative data systems and independently operating agencies—while also unifying them into an interoperable, organization-wide identity data platform that would enable collaboration quickly and securely. They called this effort the “Trusted Identity Exchange” (TIE), with the intention that this service would drive a number of initiatives to deliver quicker time to value, enhance productivity for employees, reduce the burden on IT teams, and strengthen security posture through secure cross-agency collaboration.
The DHS chose the RadiantOne Intelligent Identity Data Platform as the core infrastructure powering the TIE. RadiantOne establishes secure connections to authoritative data sources and provides a secure interface for DHS applications, enabling timely and secure sharing of data that gives DHS the technical agility to extend and retract access appropriately.
RadiantOne provides the integration layer for TIE that aggregates and rationalizes the data to create a central identity hub containing all the identity data for each user. It can then produce the specific composite views required by each consuming application.
In the TIE framework, RadiantOne supports many consuming applications, such as SailPoint and TSA Pre-Check for DHS employees, making it a key enabler to DHS initiatives that hinge on the successful implementation of those solutions. These initiatives include the DHS Data Framework, Personal Identity Verification (PIV) Smart Card usage, Single Sign-On (SSO), and fine-grained authorization (also known as Attribute-Based Access Control).
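The hub-and-views pattern described in the two paragraphs above (correlate authoritative sources into one composite record per user, then release only the attributes each consuming application needs, and use those attributes for attribute-based authorization) is shown below as an added example. It is illustrative code written for this page, not RadiantOne's or DHS's implementation; the two sources, the consumer names and every record are constructed sample data.

```python
# Constructed sample data for two hypothetical authoritative sources.
# The HR system keys on an employee id; the directory keys on login name.
HR_SOURCE = {
    "E1001": {"login": "jdoe", "agency": "FEMA", "clearance": "secret", "ssn": "000-00-0001"},
    "E1002": {"login": "asmith", "agency": "TSA", "clearance": "public-trust", "ssn": "000-00-0002"},
}
DIRECTORY_SOURCE = {
    "jdoe": {"email": "jdoe@example.gov", "badge_id": "B-77"},
    "asmith": {"email": "asmith@example.gov", "badge_id": "B-91"},
    "orphan": {"email": "orphan@example.gov", "badge_id": "B-00"},  # no HR record
}

# Per-consumer attribute allowlists (hypothetical consumers): each application
# sees only what it needs. Nothing lists "ssn", so that PII never leaves the hub
# unless a view is deliberately extended, which keeps every flow reviewable here.
CONSUMER_VIEWS = {
    "door-reader": ("login", "badge_id", "agency"),
    "sso": ("login", "email", "agency"),
    "abac-pdp": ("login", "agency", "clearance"),
}

def build_hub(hr, directory):
    """Correlate both sources on login and return one composite record per user.
    A user present in only one source is skipped: an unmatched record is a
    data-quality problem to investigate, not something to serve downstream."""
    by_login = {rec["login"]: dict(rec, hr_id=hr_id) for hr_id, rec in hr.items()}
    return {login: {**by_login[login], **directory[login]}
            for login in by_login if login in directory}

def view_for(hub, consumer, login, audit):
    """Project one user's composite record onto the consumer's allowlist and
    record which attributes went to which consumer. Unknown consumers get
    nothing: release is deny-by-default."""
    if consumer not in CONSUMER_VIEWS:
        raise PermissionError(f"no view defined for consumer {consumer!r}")
    record = hub[login]
    projected = {a: record[a] for a in CONSUMER_VIEWS[consumer] if a in record}
    audit.append((consumer, login, tuple(sorted(projected))))
    return projected

def authorize(hub, login, required_agency, required_clearance, audit):
    """Attribute-based decision drawn only from the policy-decision-point view,
    so the authorization path never touches PII it does not need."""
    rank = {"public-trust": 0, "secret": 1}
    attrs = view_for(hub, "abac-pdp", login, audit)
    return (attrs["agency"] == required_agency
            and rank[attrs["clearance"]] >= rank[required_clearance])
```

The `audit` list is the page's "who has access, where has it been shared" record: every release is logged with the consumer and the attribute names, and the allowlists are the single place to review when a privacy or security question comes up.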
Thanks to RadiantOne and the TIE initiative, DHS simplified its identity infrastructure, enabling more efficient and secure operations and an easier, more streamlined experience for its users, no matter which DHS-affiliated program or agency employs them.
“Privacy loved us, like absolutely loved us.” -ICAM Architect, DHS
This enhanced identity platform pays dividends in productivity, in operational efficiency for the organization and the IT team, and maybe most importantly, in decreased risk. While ramping up the speed of collaboration was the driver of the TIE project, an equally important benefit was securing sensitive data: gaining visibility into and control over what data was going where, centrally managing that flow, and delivering insight into the validity of those flows for compliance. Now, agencies are empowered to act autonomously while benefiting from shared resources, and employees are able to work together effectively, all while reducing the burden on the IT team.