Helping Government Agencies Keep Customer Information Secure

The General Services Administration (GSA) needed a way to keep the personal information of their more than 30 million customers safe—while making the log-in process as easy and painless as possible. In the past, government users had to create multiple logins for various agencies. The GSA hoped to streamline this by allowing for one ID that could access multiple sites, while still meeting NIST standards for identity-access levels. Here’s how the Enquizit team helped the GSA hit their goals:

  • DevSecOps
    Enquizit integrated a DevSecOps approach to build and scale the GSA’s new application quickly. This included using automation to support monitoring of the overall system and ensuring an easy, graceful recovery should any problems arise. The automation also freed up the engineers’ time, as they no longer had to manage the routine work that AI was better able to handle.
  • Anonymization
    If a hacker breaks the password of one user, it’s critical that they cannot access the other 30 million. Enquizit provided expertise and best practices for “anonymizing” user data by implementing security platforms like Macie, Guard Duty, WAF, and rotating KMS keys (dual encrypted). The end result? The system is so secure that even Congress cannot access the names in the system. Only the user’s password can unlock the PII, meaning that all of your private information is safe.
  • IAL2 compliance
    The GSA wanted to make their system extra secure by moving beyond a simple password login to reach Identity Assurance Level 2 (IAL2) compliance, which asks users to verify their identity. But IAL2-compliant systems could often be clunky or slow. Enquizit built a system that would verify users’ identity through a simple upload of their driver’s license—a process that was both secure and easy to use.
  • Human-centered design
    As experts in human-centered design, Enquizit has a process for incorporating user perspective into every project. When the GSA asked Enquizit to support them on UX, the Enquizit team helped them develop UX content, including How-to and FAQ guides, in user-friendly language that regular consumers could understand.

Enquizit’s team was originally chosen for their deep knowledge of AWS tools, but as the project developed, the GSA tapped them for extra help with DevSecOps, project management and communication, and UX. Today, more than 20 government agencies are using the login tool—and the scalability of the solution means that it can easily grow to serve even more. To find out more about Enquizit’s work with the GSA, read the full case study here

Stefan Deusch

Forward-thinking Engineering leader offering 20 years of experience with a background in effective and dynamic work environments. Clear communicator, decision-maker, and problem solver focused on achieving project objectives with speed and accuracy. I am passionate about building quality teams, cloud computing, and machine learning.

Let’s see how we can
empower your organization
to make a difference.

Let's Talk About Everything!