Personal data security for public benefits processing
SOCIAL SECURITY ADMINISTRATION (SSA): Multi-factor authentication to protect retirement and disability beneficiaries
SSA pays benefits to over 70 million people, including retirement and disability beneficiaries and their families. Daily, SSA’s frontline employees serve hundreds of thousands of Americans, using internal services for virtual, phone, and in-office support. To improve its cybersecurity posture and reduce risks from compromised credentials, SSA needed to accelerate its phishing-resistant multi-factor authentication (MFA).
With TMF support, SSA:
- Transitioned noncompliant systems to the agency’s multi-factor authentication (MFA) solution, a single sign-on (SSO) platform that leverages agency credentials in accordance with the Homeland Security Presidential Directive 12 (HSPD-12).
- Addressed applications that use legacy authentication protocols, eliminating long-standing technical debt to maintain these services.
- Established continuous monitoring and governance to ensure services remain compliant with federal security mandates.
Impact reported by SSA includes ongoing protection of sensitive public information, operational efficiency via standardized patterns, cost savings by retiring an old protocol, and cost avoidance from fewer security breaches.
- Investment start: 02/2023
- Project status: Inactive
- Transfer status: 100%
- Repayment status: 100%
- Schedule delay: No
- Cost overruns: No
- ARP funding: Yes
- Commercial product: Yes
- Total TMF investment amount: $21,599,067
- TMF spend to date (obligated): $21,599,067