Personal data security for public benefits processing
SOCIAL SECURITY ADMINISTRATION (SSA): Multi-factor authentication to protect retirement and disability beneficiaries
Challenge: SSA pays benefits to over 70 million people, including retirement and disability beneficiaries and their families. Daily, SSA’s frontline employees serve hundreds of thousands in the American public, using internal services for virtual, phone, and in-office support. To improve its cybersecurity posture and reduce risks from compromised credentials, SSA needs to accelerate its phishing-resistant multi-factor authentication (MFA).
Approach: With TMF support, SSA is working to:
- Onboard noncompliant systems to the agency’s MFA solution, a single-sign-on with Homeland Security Presidential Directive-12 approved personal identity verification credentials
- Address applications that use legacy authentication protocols, eliminating long-standing technical debt to maintain these services
- Establish continuous monitoring and governance to ensure services remain compliant with federal security mandates
- Investment start: 02/2023
- Project status: Inactive
- Transfer status: 100%
- Repayment status: 100%
- Schedule delay: No
- Cost overruns: No
- ARP funding: Yes
- Commercial product: Yes
- Total TMF investment amount: $21,599,067
- TMF spend to date (obligated): $21,599,067