Government
,
Identity & Access Management
,
Industry Specific
Hanna Kim to Take Over Login.gov at a Pivotal Moment for Federal Sign-On Service
Login.gov will have a new director starting in May as the federal government’s single sign-on service faces a pivotal moment in its growth amid fallout from the Department of Health and Human Services’ decision to drop the tool from its grantee payment platform.
See Also: Zero Trust Unleashed: Keeping Government Secrets Safer Than the Crown Jewels
Login.gov was not compromised or connected to the 2023 incident that allowed hackers to steal funding from several grantee organizations, according to HHS and the General Services Administration. But HHS still decided to remove the service from its platform in an apparent bid to enhance security measures after the breach.
The federal entity told staffers Wednesday that Deputy Director Hanna Kim, who previously held positions at Amazon and the departments of State, Defense and Treasury, will assume the top position on May 11 after serving in her previous role since January, reported Federal News Network.
The sign-on service has been recruiting federal agencies to join a facial recognition pilot program beginning next month amid reports indicating that HHS removed the tool from its platforms after changing its rules to require identity proofing features for any payment management system logins. The move followed a March 2023 hack in which cybercriminals stole $7.5 million after gaining access to the federal government’s contractor award system through a separate sign-on platform (see: Report: Hackers Scammed $7.5M From HHS Grant Payment System).
HHS, which did not respond to a request for comment, told Nextgov/FCW the decision to remove Login.gov was in part due to the fact that it does not fully comply with standards developed by the National Institute for Standards and Technology.
HHS switched login services to ID.me, which complies with NIST’s identity proofing requirements.
The facial recognition project will follow standards set by NIST’s 800-63-3 Identity Assurance Level 2 guidelines, according to Ann Lewis, director of the GSA’s Technology Transformation Services.
Lewis reportedly said in a statement that she is “excited to see Hanna take the reins of the Login.gov program” and build on progress made “toward achieving IAL2 compliance and scaling the program to support critical benefits, services and government applications.”
An inspector general report previously criticized Login.gov for misleading federal agencies about its compliance with NIST’s standards for remote identity proofing.
Kim replaces Dan Lopez-Braus, who will continue to serve as a senior adviser for Technology Transformation Services.