Identity as a service (IDaaS) is when a company offers identity, credential, and access management (ICAM) services to customers through a software-as-a-service (SaaS) cloud-service model. Public safety organizations (PSOs) could potentially reduce costs and adopt new standards and authenticators more easily by using IDaaS to provide authentication services for their own applications. This would allow PSOs to offload some or most of their authentication responsibilities to the IDaaS provider.
This report informs PSOs about IDaaS and how they can benefit from it. It also lists questions that PSOs can ask IDaaS providers when evaluating their services to ensure the PSOs' authentication needs are met and the risk associated with authentication is mitigated properly. PSOs considering IDaaS usage are encouraged to use this NISTIR. This report was developed in joint partnership between the NCCoE and the Public Safety Communications Research Division (PSCR) at NIST.