In 1999, the IRS awarded CSC with a massive contract to modernize their computer systems. Knowing how important improving the IRS was, Congress allocated $8 billion dollars towards building new business applications and a new infrastructure. A central component was the security system that authenticates and authorizes tens of millions of users. CSC tasked STP’s current leadership with selecting and implementing a 100% COTS based single sign-on solution.
As directed, the new IRS security system was built with two leading enterprise COTS products. The COTS single sign-on system immediately provided the IRS with the most advanced capability that commercial industry could offer. For years the system would function as designed, but with one huge limitation. The interface that the IRS security administrators were forced to use to complete their daily tasks was meant instead for system administrators for emergency use only. The interface required IT expertise and if used incorrectly could with a single keystroke, delete millions of user records. Unfortunately, on more than one occasion, security administrators accidently deleted the entire user store causing extended outages while the data was recovered.