Cross-Cloud Collaboration Paves the Way for Data Transparency: OPM’s Groundbreaking Analytics Solution
Over my career, I have run across best practices that could be useful throughout the federal enterprise. I would like to share one that should interest many organizations looking to bring their human resource (HR) data into the cloud. What makes this of special interest is that it was developed by a small team in a short time using technologies currently in the operational environment—quick, low cost and effective to save significant time and money.
The Office of Personnel Management (OPM) is known for overseeing the extensive HR infrastructure of the federal government. However, its latest initiative transcends traditional HR boundaries, introducing a technological innovation that enhances cross-government transparency. From the perspective of individual federal agencies, this groundbreaking analytics solution offers significant opportunities for cost savings and operational efficiency. By enabling agencies to streamline their workforce data and identify areas for optimization, the solution empowers them to reduce redundancies, allocate resources more effectively, and ultimately lower operational costs. So, what makes this innovation significant for each agency, and how does it transform their approach to workforce management?
At its core, this project delivers a technology-driven solution that enables more effective data sharing and collaboration among government agencies, all while maintaining stringent security standards. Let’s explore the key advancements made possible by OPM’s innovative efforts.
Pioneering Cross-Cloud Collaboration Among Federal Agencies
One of the most critical innovations from this project is the breakthrough in cross-cloud collaboration. Microsoft offers multiple cloud environments, including Azure Commercial, Azure Government and Azure Government Community Cloud (GCC). Traditionally, these platforms operate in silos, requiring separate authentication for access. This separation posed a significant challenge for federal agencies collaborating across these different cloud environments to access shared data. The lack of integration was not only a technical hurdle but also a bottleneck in achieving the seamless, secure data-sharing environment the government needed.
Under the leadership of Ozie Foster of the OPM Data team and Greg Hystad of the Cloud Services team, OPM tackled this problem by leveraging Microsoft’s Entra ID, a scalable identity solution. By enabling users across all federal agencies to authenticate across Azure Commercial, Azure Government and Azure GCC clouds through a single Entra ID tenant, OPM established a cross-cloud collaboration system that connects federal agencies.
The significance of this achievement is profound. It represents a pioneering effort where federal agencies can seamlessly access OPM resources across multiple Azure cloud environments. This integration not only facilitates transparency but also enhances security by providing a unified system for identity management across the government.
“Data drives the federal government,” emphasized Foster in meetings with senior agency executives. The ability to share data freely across platforms means that agencies can now work more efficiently, using their resources to address real workforce challenges rather than grappling with technical barriers.
Implementing Support for Certificate-Based Authentication Across Federal Agencies
Another essential aspect of this solution is its identity management approach, particularly when security is paramount. Federal agencies require phishing-resistant multifactor authentication to meet security standards. However, the use of mobile devices for authentication is not always feasible in secure environments where personal devices are banned.
To overcome this challenge, the Cloud Services team, led by Greg Hystad, implemented Microsoft’s Entra ID Certificate-Based Authentication within OPM and championed its usage with other federal agencies. This solution supports Personal Identity Verification cards, ensuring federal employees can authenticate securely while meeting strict federal security protocols.
This implementation addressed the security needs of federal agencies, allowing employees to authenticate without relying on mobile devices. By enhancing security and streamlining the authentication process, operations across the federal workforce have improved where CBA was adopted, enabling employees to focus on their work rather than wrestling with access procedures.
Distinct Roles in Authentication and Authorization
It’s important to note the distinction between the authentication mechanisms provided by the Entra ID implementation and the authorization processes handled by the OPM Data team. The solution has two main focuses: 1) Establishing secure authentication across multiple cloud environments and ensuring users are who they claim to be. 2) Managing authorization by determining what resources an authenticated user is allowed to access and present HR data effectively.
By separating authentication and authorization, OPM enhanced both security and efficiency. Both OPM teams worked to ensure secure and seamless access across cloud platforms among federal agencies to control access to sensitive workforce data, provide valuable insights and maintain strict data governance.
Human-Centered Design in Presenting HR Data
Applying human-centered design principles, the OPM Data team focused on the presentation and accessibility of HR data. They also did the heavy lifting of adding each agency to the platform and mapping the 2.1 million user identities. This approach ensured complex workforce data became more accessible to HR managers and senior leaders across federal agencies.
By understanding the needs and behaviors of users, the OPM Data team created interactive reports and dashboards that present information in a clear and meaningful way. This emphasis on usability empowers decision-makers to leverage data effectively, fostering a data-driven culture within the federal government.
The human-centered design was crucial in transforming raw data into actionable insights. By prioritizing the user experience, the Data team made it easier for stakeholders to interpret data trends, identify issues and make informed decisions regarding workforce management.
Zero-Trust Architecture for Securing the Infrastructure
In today’s digital environment, zero-trust architecture is widely regarded as the gold standard for cybersecurity, as mandated by Executive Order 14028, “Improving the Nation’s Cybersecurity.” This directive requires continuous authentication and authorization before accessing applications and data. The project team focused on and implemented zero-trust principles to enhance the security posture of federal agencies, ensuring that every access request is verified and that no user is inherently trusted.
By incorporating technologies like Entra ID and its Certificate-Based Authentication, the OPM established robust security measures that protect against unauthorized access and potential cyber threats. This comprehensive approach to security is critical in safeguarding sensitive data and maintaining the integrity of government systems.
The Impact: What Does It Mean?
At a fundamental level, the success of this analytics solution marks a significant leap in how the federal government approaches workforce management. The availability of interactive reports and dashboards to leadership across federal agencies means that HR managers and senior leaders are empowered to develop data-driven workforce plans.
For example, HR teams can now track the hiring process with unprecedented precision. If a bottleneck arises—such as a delay in hiring for a critical position—managers can use data to identify and address the problem promptly. This capability is especially critical as the federal government implements key initiatives like the Bipartisan Infrastructure Law, CHIPS and Science Act, and the Inflation Reduction Act. By making data-driven decisions, federal agencies can ensure that they are recruiting the right talent at the right time to meet the demands of these significant legislative efforts.
In the past, generating workforce analytics reports could be a time-consuming process. Users had to set filters, run reports and then wait—sometimes overnight—for the data to be delivered. Now, those same reports are available almost instantaneously. This responsiveness is essential in a fast-paced environment where decisions must be made quickly and based on the most up-to-date information.
Looking Ahead: A Blueprint for Future Success
The success of cross-cloud collaboration among federal agencies, the implementation of certificate-based authentication and the user-focused data presentation not only marks a technological achievement but also sets the stage for a radical transformation within the federal enterprise. This methodology enables federal agencies to unlock unprecedented benefits, fundamentally changing how organizations operate, collaborate and leverage their human capital data.
Integrating these technologies across federal agencies exponentially increases transparency and data accessibility. By establishing standardized authentication systems and applying human-centered design to data presentation, agencies enjoy seamless access to critical workforce data, enabling decision-makers to make more informed, timely and strategic choices.
Moreover, the widespread adoption of certificate-based authentication and zero-trust principles enhances security across the board. As more agencies implement similar systems, the federal government becomes more resilient against cyber threats. Uniform implementation of secure, two-factor authentication, without the need for additional mobile devices, reduces security risks, simplifies compliance with federal standards and ensures consistent and effective security measures across agencies.
By focusing on user experience in data presentation, agencies can revolutionize how employees interact with information. Intuitive and efficient data tools save time, minimize user frustration and foster a culture where employees focus on mission-critical tasks instead of struggling with complex data systems.
This transformation enables the federal government to operate more like a unified entity rather than a collection of independent agencies. By adopting these cutting-edge technologies and user-centric approaches across the enterprise, the government can ensure its workforce is equipped to meet future challenges with agility, efficiency and a data-driven approach to problem-solving. This solution is not just a blueprint for success—it is a pathway to a more integrated, secure, and responsive federal enterprise.
Conclusion
In a rapidly changing world, where the needs of the federal workforce are becoming increasingly complex, the innovative approach to cross-cloud collaboration and data analytics sets a new standard for government initiatives. The benefits—greater transparency, faster access to data, and improved security—are already transforming how federal agencies manage their human capital. For OPM, this project isn’t just about solving today’s problems. It’s about paving the way for a more agile, efficient and data-driven federal government.
James P. Craft Jr., is an AFCEA life member and has been a member of AFCEA’s Cyber Committee since 2008. He has led committee efforts in acquisition reform, national security emergency preparedness, cybersecurity and innovation. He is senior executive at OPM, where he serves as senior advisor to the Office of the Chief Information Officer. He has 20 years of experience in industry and over 25 years of federal service.
