Embracing modern technology
The Federal Communications Commission (FCC) is an independent government agency responsible for regulating and licensing US communications—from radio, television, and wire to satellite and cable.
A lot of the FCC’s time is spent developing rules and regulations, which means they have to regularly consult with industry stakeholders as well as private citizens. But because the FCC’s host of legacy programs and sprawling on-prem infrastructure simply wasn’t keeping pace with evolving technologies, the FCC’s commitment to serving the public became increasingly difficult and expensive.
The FCC also had an identity crisis. Since employees, contractors, partners, and members of the public all have separate identities and access different applications and systems, the FCC’s identity management workload was enormous. Users were stored in a variety of different places, which made the onboarding process of new applications inefficient and slow. Additionally, existing solutions like RSA provided MFA for only one application.
With the vision and guidance of CIO David Bray and senior strategic advisor Tony Summerlin, the FCC decided to modernize their technology, and bring on Dustin Laun and Byron Caswell as consultants to help tackle the challenge. Both Laun and Caswell are now technology and security advisors for innovation working with the FCC.
“We looked at transforming the way the FCC delivers citizen-centric services and accelerating a path to the cloud, really to improve the scalability, security, and agility of the overall IT organization,” says Caswell.
Laun and Caswell were also responsible for helping the FCC find a way to provide internal and public services quickly, conveniently, and cost-effectively. Ultimately, the FCC needed a comprehensive identity management and multi-factor authentication platform to streamline their processes. This would also help the FCC cut costs without sacrificing the quality of their services or security.
Getting comfortable in the cloud
Moving to cloud-based technology seemed like an obvious way to accomplish the FCC’s modernization goals. Laun says their solution was to use an “80-15-5 model,” meaning 80% of their new tech would be platform-based, 15% would be add-ons designed to fill gaps in the platforms, and 5% would be developed from scratch.
But they still needed something that could tie it all together. After a little shopping around, Laun and Caswell decided on Okta Single Sign-on as the entry point for all of FCC’s applications, including Box, Office 365, and ServiceNow—plus any leftover legacy apps. Further, Okta Lifecycle Management enables the FCC to automate the process of provisioning and deprovisioning applications when users are onboarded and offboarded. And finally, Okta provided better technology overall and cost six times less than the combination of Microsoft solutions they were using, which included Active Directory Federation Services, Forefront Identity Manager, and RSA.
By using Okta Multi-Factor Authentication (MFA), the FCC has also been able to improve their security—which is particularly critical because the agency holds a lot of sensitive information, including their license holders’ financial and banking details. Since it works seamlessly with their other cloud products and keeps all of the individual pieces secure, Caswell has found Okta MFA to be the perfect solution. Okta is also pursuing FedRAMP certification. This means that FCC's tenant is in a FedRamp compliant cell--which includes government-wide controls and compliance processes that ensure an extremely high quality of security assessment, authorization, and continuous monitoring for cloud solutions.
“Okta is one of the key components of a flexible enterprise architecture that would really help us provide an identity layer on top of other cloud products that we selected to help deliver citizen-centric services,” says Caswell. “We orchestrated layers of security from user experience, on down to service management, on down to API, on down to content storage, and to file management and email.”
Better yet, it fit their budget.
“Where Okta came in for the FCC specifically was at a reasonable cost,” says Caswell. “It gave us the ability to offload some of the identity management problem that we had, and to scale seamlessly as we move more and more services onto cloud platforms.”
Getting employees on board
No matter what kind of work you do, when you have a lot of employees who have been doing things a certain way for years, they don’t usually welcome change. Add 800 to 900 lawyers to the mix, and your workforce will reach a whole new level of debate, discussion, and (let’s face it) resistance. This is exactly what the FCC experienced when they started the modernization process.
“You have to put the technology in place and then bring the employees back later,” says Laun. “It's kind of like running a sprint past them. You'll get yelling and screaming about what you're doing, and then you come back, you catch them up, and then you do it again. If not, you're going to be bogged down and you won't be able to get to the end game. It's a lot of education.”
Using Okta meant that Caswell and Laun could put new technology in place quickly at the FCC, which eased the transition for contractors, staff members, and partners.
“Okta was one of those very quick things, those very important things that we could use to swing over old services from Legacy Exchange to Office 365,” says Caswell. “Managing identity with Okta helped us do a more seamless swing-over without having to worry about a lot of the problems you get with hosting in the AD tenant.”
In terms of SAML protection and identity management, Okta integrated easily with both the new applications the FCC had developed and the FCC’s legacy technology. All this has made the process of moving from on-prem to cloud much faster, and far more painless.
A picture of success
Quick and painless is exactly how Laun defines a successful modernization effort.
“Success is a seamless integration into your applications without a bunch of help tickets,” he explains. “The other side of that is how quickly we can onboard the applications we're either purchasing or building. So, for the Boxes, the Zendesks, the ServiceNows of the world…it's a matter of minutes if you know what you're doing.”
And when the FCC has needed assistance, Laun says every layer of Okta’s team has been consistently helpful. He calls Okta “a leader in what it’s trying to accomplish,” specifically referencing ease of use, “the partner ecosystem,” and the number of apps Okta is already integrated with.
Caswell agrees.
“It's difficult for a lot of cloud services to really embody and live the security mindset,” he says. “Okta was a partner that lived that, that lived security engineering, that lived credential and access management. They were one of the few that we found that really did embody that.”
About the Federal Communications Commission
The Federal Communications Commission regulates interstate and international communications by radio, television, wire, satellite, and cable in all 50 states, the District of Columbia, and U.S. territories. An independent U.S. government agency overseen by Congress, the commission is the United States' primary authority for communications laws, regulation, and technological innovation.
*All statements are attributed to consultants of the FCC, Dustin Laun and Byron Caswell. This is not an endorsement by the FCC or any of its employees.