Leverage existing products & contracts
Implement Login.gov. The Federal government currently has identity and authentication systems in place that can be leveraged to provide authentication. Login.gov could be integrated into Advana and would allow seamless authentication using CACs. This approach would offload the complexity of identity management to a trusted government resource. It could rapidly grow the capabilities of the enclave without requiring user management be a part of the enclave team’s responsibilities. Given the small number of active users, it would also be less expensive than implementing a bespoke or commercial solution. While other systems may be available (e.g. Okta or ID.me), these solutions may be more costly, more difficult to integrate, and less trustworthy than the government-owned Login.gov.
Centralize support and development costs in a single Advana contract. Advana should follow contracting best practices as well as development best practices. This will help the product be more cohesive and make the budgeting around enclave support simpler and more transparent.
Don’t build custom technology. DoD has thousands of contracts that enable every kind of technology service and software necessary to deliver the enclave. The enclave should not be a custom effort. The implementation team should research existing COTS contracts and validate those solutions to decide which one is best for the functionality users need. Advana or a similar data layer solution can be used to gather and manage data from multiple sources. Avoiding custom technology will speed delivery, decrease complexity, and improve the long-term utility of the enclave.