
GETITServices Password Management System

 

Privacy Impact Assessment – GETITServices Password Management System (PWM)

PWM System Overview 

GETITServices Password Management System (PWM) enables customers to reset or change their LAN password instantly and securely across corporate systems, databases, directories and applications, or to unlock their account.  To decrease the costs associated with password resets, the IRS Chief Information Officer has mandated that all IRS employees use PWM.  The time savings attributed to PWM are estimated to be the equivalent of 19 full-time employees annually.

PWM provides reset and unlock capabilities to the customer through the web or, with the assistance of Help Desk Assistors, via the ITS toll-free number.  In the future, PWM will provide an automated process to reset and unlock customer accounts by telephone, using a touch-tone phone.

Systems of Record Number(s): 

Treasury/IRS 34.037 IRS Audit Trail and Security Records System

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:
A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)


A. N/A

B. Employee:
Standard Employee Identifier (SEID) and an encrypted password.

Encrypted information: the employee profile (SEID and password) is encrypted with the 3DES (Triple Data Encryption Standard) algorithm.  3DES is a reversible symmetric cipher, so the stored password can be recovered by any process that holds the encryption key.

C. Audit trail information: PWM is configured to record the following for each audited user event:
* IP address
* Active Sessions
* SEID of employee
* Successful/Unsuccessful Login
* Successful/Unsuccessful Password Change
* Whether email was sent successfully
* Date/Time of event

D. The following information is placed in an employee’s profile for self-service password reset purposes; that is, for “challenge” questions to verify that the user is who they say they are before a password can be reset:
* Name of a childhood friend
* Significant date other than a birthday  
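The fields in 1C are only useful if something reads them.  The following is an added example, not code from this assessment or from the PWM product, showing two checks a security operations team could run over such audit events: a run of failed logins followed by a successful login and password change (what a guessed challenge answer, such as a childhood friend's name, looks like in the log), and one IP address failing logins across many SEIDs.  The key=value line layout, the event names, the sample lines and the thresholds are assumptions made for the example.

```python
"""Added example (not part of the assessment or of the PWM product):
two detection checks over PWM-style audit events with the fields listed
in section 1C (IP address, SEID, login / password-change outcome, date/time).
The key=value layout, event names, sample lines and thresholds are assumed."""
from collections import defaultdict
from datetime import datetime, timedelta

FAIL_THRESHOLD = 5             # assumed: failed logins that count as guessing
SPRAY_THRESHOLD = 3            # assumed: distinct SEIDs failed from one IP
WINDOW = timedelta(minutes=10)  # assumed correlation window

# Constructed sample audit lines: timestamp followed by key=value pairs.
SAMPLE_LOG = """\
2006-05-10T09:00:01 ip=10.1.2.3 seid=ABC12 event=LOGIN result=FAIL
2006-05-10T09:00:09 ip=10.1.2.3 seid=ABC12 event=LOGIN result=FAIL
2006-05-10T09:00:15 ip=10.1.2.3 seid=ABC12 event=LOGIN result=FAIL
2006-05-10T09:00:22 ip=10.1.2.3 seid=ABC12 event=LOGIN result=FAIL
2006-05-10T09:00:30 ip=10.1.2.3 seid=ABC12 event=LOGIN result=FAIL
2006-05-10T09:00:41 ip=10.1.2.3 seid=ABC12 event=LOGIN result=SUCCESS
2006-05-10T09:00:50 ip=10.1.2.3 seid=ABC12 event=PWCHANGE result=SUCCESS
2006-05-10T11:30:00 ip=10.9.9.9 seid=XYZ99 event=LOGIN result=FAIL
2006-05-10T13:30:00 ip=10.9.9.9 seid=XYZ99 event=LOGIN result=SUCCESS
2006-05-10T13:30:20 ip=10.9.9.9 seid=XYZ99 event=PWCHANGE result=SUCCESS
2006-05-10T14:00:00 ip=10.5.5.5 seid=DEF34 event=LOGIN result=FAIL
2006-05-10T14:00:05 ip=10.5.5.5 seid=GHI56 event=LOGIN result=FAIL
2006-05-10T14:00:10 ip=10.5.5.5 seid=JKL78 event=LOGIN result=FAIL
2006-05-10T14:00:15 ip=10.5.5.5 seid=MNO90 event=LOGIN result=FAIL
"""


def parse_log(text):
    """Turn audit text into dicts sorted by time; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        try:
            event = {"ts": datetime.fromisoformat(fields[0])}
        except ValueError:
            continue
        for pair in fields[1:]:
            key, _, value = pair.partition("=")
            event[key] = value
        if all(k in event for k in ("ip", "seid", "event", "result")):
            events.append(event)
    return sorted(events, key=lambda e: e["ts"])


def find_guessed_resets(events, fail_threshold=FAIL_THRESHOLD, window=WINDOW):
    """Flag (seid, ip, fails) where >= fail_threshold failed logins inside
    `window` precede a successful login and then a password change from the
    same IP: the trace a guessed challenge answer leaves behind."""
    findings = []
    fails = defaultdict(list)   # seid -> timestamps of recent failed logins
    pending = {}                # seid -> (ip, fails before the last success)
    for e in events:
        seid = e["seid"]
        if e["event"] == "LOGIN":
            fails[seid] = [t for t in fails[seid] if e["ts"] - t <= window]
            if e["result"] == "FAIL":
                fails[seid].append(e["ts"])
            else:
                pending[seid] = (e["ip"], len(fails[seid]))
                fails[seid] = []
        elif e["event"] == "PWCHANGE" and e["result"] == "SUCCESS":
            ip, count = pending.pop(seid, (None, 0))
            if count >= fail_threshold and ip == e["ip"]:
                findings.append((seid, ip, count))
    return findings


def find_spraying(events, distinct_threshold=SPRAY_THRESHOLD, window=WINDOW):
    """Flag (ip, seids) when one IP fails logins for distinct_threshold or
    more different SEIDs inside `window`; one user mistyping never looks so."""
    findings = []
    by_ip = defaultdict(list)
    for e in events:
        if e["event"] == "LOGIN" and e["result"] == "FAIL":
            by_ip[e["ip"]].append(e)
    for ip, attempts in by_ip.items():
        for i, first in enumerate(attempts):
            seids = {a["seid"] for a in attempts[i:] if a["ts"] - first["ts"] <= window}
            if len(seids) >= distinct_threshold:
                findings.append((ip, sorted(seids)))
                break
    return findings


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    print("guessed-then-reset:", find_guessed_resets(evs))
    print("spraying:", find_spraying(evs))
```

In the constructed sample, ABC12 is flagged (five failures, then a success and a password change from the same address within a minute), XYZ99 is not (its one failure is two hours before the success), and 10.5.5.5 is flagged for trying four different SEIDs in fifteen seconds.  The thresholds are the knobs to tune against a site's real reset volume.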

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.
A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)


A. IRS:  The list of active IRS employees in the Corporate Authoritative Directory Service (CADS) is updated weekly.  PWM administrators download a file from CADS daily and use it to update the list of current IRS personnel accounts.  The file includes the SEIDs of current, active IRS employees who should have LAN access.

Employee SEIDs originate in the Inventory Technology Asset Management System (ITAMS) customer database, which provides the information to CADS.  Note that it is CADS, not ITAMS, that maintains the direct interface with PWM to supply this data.

B.  N/A.

C. Employee users enter their SEID (User ID) and password through PWM's Password Courier (web) or Identity Management Suite Direct (desktop software).  Through the self-service system they also enter their challenge responses: the name of a childhood friend and/or a significant date other than a birthday.

D.  N/A.
E.  N/A.
F.  N/A.

3. Is each data item required for the business purpose of the system?  Explain.

Yes.  The data items (SEID, password, and the answers to the challenge questions stored in the user profile) are required to enter the system, to verify the employee's identity, and to allow customer self-service password reset when a user is locked out of the system.

4. How will each data item be verified for accuracy, timeliness, and completeness?

PWM restricts the values that can be entered in each user-facing field so that only valid information enters the system.  On submission, the input is validated against these requirements before a password is reset or an account is unlocked.

A user's SEID is authenticated against the record of SEIDs in the CADS file transmitted once daily to PWM.  When a user attempts to access PWM and his/her profile, his/her SEID is validated against the database record from CADS.

5. Is there another source for the data?  Explain how that source is or is not used.

No.  There are no additional sources of data within PWM.  The SEID and the answers to the challenge questions provide the verification of employee identity.

6. Generally, how will data be retrieved by the user? 

Users access their profile over the web by entering their SEID (User ID) and password through PWM's Password Courier (web) or Identity Management Suite Direct (desktop software).  Access via the ITS toll-free number XXXXXXXXXXX is offered with the assistance of Help Desk Assistors.  Help Desk Assistors retrieve data by entering an employee's SEID and password.

Help Desk Assistors have a special web interface called Support Staff, for which they must submit an OnLine 5081 (OL5081) request.  Through this interface the Assistor asks the user to validate his/her user information before proceeding to his/her PWM profile to assist.  Assistors cannot view private information (e.g., SSN).

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

Yes.  Both employees and Help Desk Assistors must authenticate to PWM using their Standard Employee Identifier (SEID) and the answer to a user-selected challenge question.  Once authenticated, the user can reset or unlock his/her password.

The only personal identifier used is the Standard Employee Identifier (SEID).

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

PWM is restricted to employee users and IRS help desk personnel who have completed the OL5081 process for obtaining an IRS LAN account.

Help desk personnel and users do not have any administrator rights such as modifying configuration settings, changing parameters, or accessing the audit logs. 

Only authorized PWM administrators that have been approved by management and undergone the OL5081 process are permitted to perform maintenance on the application. 

Contractors are employed as developers of the system and have High Risk (BI) background investigations in accordance with IRM requirements. 

9. How is access to the data by a user determined and by whom? 

All access credential requests are enforced through the OL5081 process for granting permissions to systems and applications used by IRS personnel.  All PWM users, including Administrators and Help Desk personnel, must have authorization from the approving manager as part of completing the OL5081 process.

Concerning IRS personnel, PWM receives a daily file from Corporate Authoritative Directory Service (CADS) that contains a list of all current IRS personnel authorized to reset/change their password.  This ensures that only current and active users can access the system and enable/reset their password. 

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.

* PWM receives a file from the Corporate Authoritative Directory Service (CADS) that contains a list of all current IRS personnel authorized to reset/change their password.  The file includes the SEIDs of current, active IRS employees who should have LAN access.
* PWM is interconnected with the Peregrine system so that PWM-related trouble tickets are sent directly to Peregrine.  A trouble ticket is generated automatically if a system error is encountered while resetting/updating a user account, and is sent to Peregrine for further problem handling and resolution.  The ticket includes the SEID, the domain name group for the LAN account, and the incident start and stop times.
* PWM is interconnected with two domain controllers, which fall under the Appeals (AP-1) domain and the Active Directory (DS) domain; these two domain controllers manage all connections with the other downstream domain controllers within the IRS extranet environment.

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?

Corporate Authoritative Directory Service (CADS):
* PIA completed on 11/8/04, expires 11/8/07
* C&A completed on 2/4/05, expires 2/4/08
Active Directory Domain (DS):
* No existing PIA – not required
* No existing C&A – not required
Appeals System Domain (AP-1):
* No existing PIA – not required
* C&A completed on 6/8/05, expires 6/5/08
Peregrine: 
* No existing PIA  - not required
* No existing C&A - not required

12.  Will other agencies provide, receive, or share data in any form with this system?  No. 

13.  What are the procedures for eliminating the data at the end of the retention period?

The CADS file sent to PWM does not retain terminated employees.  Because PWM's user list is derived from this file, once a terminated employee is removed from it the PWM system no longer recognizes that user or the data within that user's profile.  The data of terminated employees is removed.
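Sections 2A, 4, 9 and 13 all hinge on the same mechanism: the daily CADS file is the source of truth for who may use PWM, and anyone absent from it loses both access and their profile.  The following is an added example, not code from this assessment or from the PWM product, that carries that mechanism through as one routine and adds the check a practitioner would want: what happens when the daily download does not arrive.  The file layout, the profile store, the sample data and the 36-hour SNAPSHOT_MAX_AGE fail-closed rule are assumptions made for the example.

```python
"""Added example (not part of the assessment or of the PWM product):
keeping PWM's authorized-user set in step with the daily CADS download, as
sections 2A, 4, 9 and 13 describe: authorize only SEIDs in the latest file
and purge the profiles (challenge data included) of SEIDs that left it.
The file layout, profile store, sample data and SNAPSHOT_MAX_AGE are assumed."""
from datetime import datetime, timedelta

# Assumed: a file older than this is treated as missing, so a failed download
# cannot silently leave yesterday's leavers authorized indefinitely.
SNAPSHOT_MAX_AGE = timedelta(hours=36)

# Constructed CADS download: one SEID per line; '#' comments and blanks ignored.
CADS_FILE = """\
# CADS active employees with LAN access, downloaded 2006-05-10
ABC12
XYZ99
DEF34
"""

# Constructed PWM profile store: SEID -> self-service challenge data.
# Values are placeholders; GHI56 has been terminated since the previous file.
PWM_PROFILES = {
    "ABC12": {"friend": "<answer>", "date": "<answer>"},
    "XYZ99": {"friend": "<answer>", "date": "<answer>"},
    "GHI56": {"friend": "<answer>", "date": "<answer>"},
}


def parse_cads_file(text):
    """Return the set of SEIDs in a CADS download, normalised to upper case."""
    seids = set()
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            seids.add(line.upper())
    return seids


class PwmUserStore:
    def __init__(self, profiles):
        self.profiles = dict(profiles)
        self.authorized = set()
        self.snapshot_time = None

    def load_snapshot(self, cads_text, downloaded_at):
        """Replace the authorized set with today's file and purge the profiles
        of SEIDs no longer in it.  Returns the purged SEIDs, sorted."""
        current = parse_cads_file(cads_text)
        if not current:
            # An empty file is far more likely a broken download than a
            # wholesale termination; keep the old state rather than purge all.
            raise ValueError("refusing to load an empty CADS file")
        purged = sorted(set(self.profiles) - current)
        for seid in purged:
            del self.profiles[seid]
        self.authorized = current
        self.snapshot_time = downloaded_at
        return purged

    def is_authorized(self, seid, now):
        """SEID check made before any reset/unlock; denies everyone when the
        snapshot is missing or older than SNAPSHOT_MAX_AGE (fail closed)."""
        if self.snapshot_time is None or now - self.snapshot_time > SNAPSHOT_MAX_AGE:
            return False
        return seid.strip().upper() in self.authorized


def run_demo():
    """Drive the store through one day and return the outcomes of each check."""
    store = PwmUserStore(PWM_PROFILES)
    t0 = datetime(2006, 5, 10, 6, 0)
    before = store.is_authorized("ABC12", t0)          # no snapshot loaded yet
    purged = store.load_snapshot(CADS_FILE, t0)
    later = t0 + timedelta(hours=1)
    stale = t0 + timedelta(hours=40)                   # next download never came
    return {
        "before_snapshot": before,
        "purged": purged,
        "active": store.is_authorized("abc12", later),
        "terminated": store.is_authorized("GHI56", later),
        "profile_removed": "GHI56" not in store.profiles,
        "stale": store.is_authorized("ABC12", stale),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

Because the file is pulled once a day, a termination can remain effective in PWM for up to a day; the stale-snapshot rule bounds how much longer a missed download can extend that, at the cost of blocking all self-service resets until the download is repaired.  A SEID present in CADS but absent from the profile store (DEF34 above) is authorized but has no challenge data yet, which is the state of an employee who has not enrolled.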

Audit logs for PWM are retained in accordance with IRM 10.8.1 for law enforcement requirements.  This ensures that audit data still exists for any incident(s) discovered at a later time and can be used in an investigation of the event if necessary.

14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15.   No.

15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.

Identify:  Yes.  The SEID can be used to identify employee users.
Locate:  No.  No information is available to obtain user location. 

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.

Yes (limited).  The system logs information on the frequency of employee password resets as input to regular reports.  The logs and reports do not contain any individual information, only the frequency of resets across all employee users.

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.

No.  PWM is not used to treat employees disparately.

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?

N/A.  The system is not used to make any determinations toward employees either positive or negative.

19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?

No.  PWM uses session-only cookies.

 


Page Last Reviewed or Updated: May 10, 2006