Strategy SS IAM
Discussion of the strategic priorities
1. Manage digital identities sovereignly and securely
Digital identities – also known as electronic identities – are a central element of digital sovereignty. The goal is that all digital identities within the federal administration – both in the enterprise context (for employees) and in the e-government context (for all other users) – are created and managed by the federal administration itself. Identity solutions provided by cloud or SaaS vendors – including Microsoft (Azure/M365) – must not serve as the primary source of digital identity, not even in hybrid form. Such external solutions must federate with the IAM systems of the federal administration – meaning that authentication is performed exclusively by systems of the federal administration. The federal administration comprehensively protects digital identities against misuse and unauthorized modification, provides them with high availability and resilience, and ensures full traceability of creation, usage, and lifecycle. Where dependencies on third parties are unavoidable, the focus is placed on Swiss providers with certified standards – such as HIN Login in the healthcare sector or the identity verification procedures of Swiss Post and Intrum.
Impact: Greater independence from third parties, foundation for exit strategies.
Metric: Share of identities, including authentication services, purely on-premises.
Example: Migration of authentication services from Entra to eIAM (federation of Entra with eIAM).
2. Work open-source, standardized, and interoperable
EMBAG Art. 9 stipulates: “Federal authorities subject to this Act shall disclose the source code of software that they develop or commission for the fulfillment of their tasks, unless third-party rights or security-relevant reasons preclude or restrict such disclosure.” The publication of source code, in particular of eIAM including AGOV, is defined as strategically important under EMBAG Art. 9 to strengthen trust and security; the accessibility of the source code makes bug bounty programs more effective.
Standardization and interoperability form a field of tension, because the standard service – especially the eIAM service – more frequently adapts to target applications than vice versa, as the latter, particularly SaaS solutions, offer no flexibility. Flexibility must therefore be anchored in eIAM; only in this way can the governance objective of consistently implementing the once-only principle be achieved and the obligation to use standard services be fulfilled. Standardization is advanced with regard to application integration – especially in the self-service area – and through a focus on standardized interfaces as well as the introduction of standardized machine identities (which are currently very heterogeneous within the federal administration and represent an important element of good interoperability), without abandoning the necessary flexibility.
Impact: Compliance, more economical use of resources, reduced complexity.
Metric: OSS status, share of eIAM integrations without special adaptations.
Example: Cantonal connections to AGOV.
3. Provide user-centric and automated processes
Today, every application connection to the standard service, in particular the eIAM service, is a project with strong involvement of service provider, service recipient, and their suppliers. Accordingly, the service recipient must supply the service provider with Service Level Agreements (SLA); an application connection consumes considerable resources and requires several months. This process must be converted to a self-service portal for standard cases: service recipients and their suppliers can connect applications to eIAM themselves via the “eIAM connect” portal, analogous to the “AGOV connect” portal already available to the cantons.
Impact: More economical use of resources, relief for service recipients and service providers.
Metric: Number of completed eIAM integrations without service provider intervention.
Example: Cantonal connections to AGOV.
4. Significantly increase resilience, modernize architecture
IAM systems, in particular their login runtime components, must be highly available. Expanding eIAM including AGOV to maximum availability (fault tolerance / continuous availability) is a strategic objective of the highest priority. To this end, active-active operation is pursued in a network of federal and non-federal data centers (Swiss providers with locations in Switzerland), which is controlled fully automatically and without interruption via DNS as required. Limitations of the federal infrastructure, for example due to DDoS attacks, can thus be mitigated seamlessly.
Digital identities play a central role in protecting one’s own data. On the one hand, it is essential to know exactly who has viewed and modified which data and who is authorized to do so at all. The basis for this is that authentication of the digital identity is performed using secure authentication methods, that the identity is verified, and that (depending on requirements) the person behind the digital identity is also known. On the other hand, misuse of identities and irregularities in identity usage must be detected – topics addressed through ITDR (Identity Threat Detection and Response) and UEBA (User and Entity Behaviour Analytics).
Impact: Increased resilience and security.
Metric: Availability and ZTA signal test results.
Example: System behavior during DDoS attacks, system behavior in response to negative signals (impossible travel, network changes, unknown clients, etc.).
5. Strengthen the positioning of CIS – data quality and access management
Within the federal administration there are many different digital identities. These range from employees (internal and external), partners, and other authorities (cantons and municipalities) to – in the e-government area – companies and private individuals in Switzerland, as well as machines. Numerous processes are applied to ensure that an identity is created within the federal administration, changes over time, and eventually leaves the federal administration (joiner-mover-leaver). At the center of this is the CIS, which serves as the (internal federal) master for these data, and CISARDA, which manages the authorizations of these identities. It is also important that the quality of an identity’s data can be verified. Depending on the use case, this is done periodically in the form of recertification of the identity or its authorizations, with the aim of determining that the identity or its authorizations are still valid.
Impact: Increased reliability of the data set, increased security.
Metric: Data quality and recertification timeliness, number of manual follow-up corrections.
Example: Cantonal data deliveries, authorization management of the federal administration.
6. Strengthen collaboration and ensure governance
Strong governance enables smooth and resource-efficient collaboration between service recipients and their suppliers, as well as between service recipients and the ICT steering of the DTI. Governance must be clear, practical, and sustainable – with the objectives of conserving resources, acting in an enabling manner, establishing sustainability, and strengthening digital sovereignty.
Impact: Procurement of suitable software, compliance with the once-only principle.
Metric: Number of systems with IAM special solutions, number of exception requests.
Example: AGOV governance vis-à-vis the cantons.
7. Anchor AGOV as the central authority login
AGOV is established as the central, interoperable authentication system for digital government services at all federal levels. It uses the state e-ID and is deployed both in the e-government and in the enterprise context.
Impact: Unified government login for Switzerland, cost savings, synergies, good user experience.
Metric: AGOV coverage rate in e-government of Swiss authorities.
Example: Coverage of the federal administration and cantonal administrations expected to be almost complete by the end of 2027.