Back to Case Studies

$1M - $2M

Federal Government IAM Implementation: Zero Trust Architecture

government
Account Manager
Enterprise
12-18 months

ACV

$1.8M

TCV

$8M

Sales Cycle

12 mo

Deal Motion

Competitive Displacement

Competed Against / Displaced

CyberArkYubico

Why We Won

Won on the broadest FIPS 140-3 certification coverage in the market and favorable GSA Schedule pricing that fit within the agency's existing procurement vehicle, removing the need for a new sole-source justification.

Outcome

Successfully deployed to 50,000+ users across 12 locations with 99.9% uptime during critical operations. The deal value reached $1.8M initial contract with a 5-year IDIQ ceiling of $8M. Met all Zero Trust mandate requirements 6 months ahead of the executive order deadline. Reduced authentication infrastructure costs by 35% and eliminated 3 legacy systems. The agency has since expanded scope to include additional components and has become a reference for other federal opportunities.

The Challenge

A major federal agency needed to modernize their legacy identity infrastructure to meet Zero Trust mandates from the White House executive order. Their existing systems were fragmented across multiple departments with no unified identity layer. The project required FedRAMP authorization, security clearances for support personnel, and coordination across multiple contracting vehicles and procurement offices. The agency had failed two previous modernization attempts due to contractor performance issues and integration challenges with legacy mainframe systems.

Sales Motion

Federal sales require early engagement during the budget planning cycle, so I engaged with the agency CISO 18 months before the anticipated RFP. I worked closely with our FedRAMP PMO to ensure our authorization was current and addressed all agency-specific requirements. We pre-positioned by participating in industry days and responding to RFIs. I developed relationships with the prime contractor who would likely lead the overall modernization effort, positioning us as a preferred subcontractor for identity components. We also invested in hiring and clearing support personnel who could work on-site, addressing a key concern from the previous failed implementations.

Execution

During the pre-RFP phase, I provided technical briefings to agency stakeholders that shaped requirements in our favor without crossing ethical lines. When the RFP was released, I coordinated with our capture team to develop a compliant proposal that emphasized our federal experience and cleared personnel. After award, I facilitated a rapid FedRAMP assessment by pre-staging all required documentation and coordinating closely with the agency's authorization team. I established a dedicated account team with cleared personnel who could respond to urgent issues and participate in classified planning sessions.

Objections Handled

Your previous subcontractor performance was inconsistent

I acknowledged past challenges and demonstrated our new dedicated federal team structure with cleared personnel and 24/7 support capabilities. We provided performance bonds and SLA guarantees.

We need integration with legacy mainframe systems

I brought in our solutions architects to demonstrate our mainframe connectors and provided reference implementations from other agencies with similar requirements.

Key Takeaways

Federal sales cycles require early engagement during budget planning - waiting for the RFP is too late to influence requirements or build relationships. FedRAMP authorization is a competitive differentiator that enables faster time-to-contract. Investment in maintaining authorization pays dividends. Cleared support personnel are essential for sensitive environments and should be viewed as a strategic investment, not a cost center.

Key Stakeholders

  • Agency CISO
  • CIO
  • Contracting Officer
  • Program Manager
  • Deputy Secretary

Tools & Platforms

SalesforceGovWinMEDDICDeltek

Deal Timeline

Federal Government IAM — Zero Trust Architecture

1

RFI Response

Sep 5, 2022(21d)

Responded to federal RFI for zero-trust identity. Positioned passwordless as alignment with EO 14028 and OMB M-22-09.

Contracting OfficerCISO
2

Capability Briefing

Sep 26, 2022(14d)

Delivered technical capability briefing to agency security team. Demonstrated FedRAMP-authorized architecture and PIV/CAC integration.

CISODeputy CIOSecurity Operations Lead
3

Proof of Concept

Oct 10, 2022(60d)

Deployed 60-day POC across two divisions. Validated interoperability with existing ICAM infrastructure and PIV smart cards.

Security Operations LeadIdentity ArchitectProgram Manager
4

RFP & Proposal

Dec 9, 2022(45d)

Submitted formal proposal against 4 competitors. Differentiator: only vendor with full FIDO2 + PIV convergence path.

Contracting OfficerTechnical Evaluation Board
5

Best & Final Offer

Jan 23, 2023(30d)

Selected for BAFO round. Structured 5-year IDIQ with annual option years to de-risk budget approval.

Contracting OfficerDeputy CIOBudget Analyst
6

Contract Award

Feb 22, 2023

Awarded 5-year IDIQ contract. Phase 1 covering 8,000 users across agency HQ and three regional offices.

Contracting OfficerCISODeputy CIOProgram Manager
Sep 5, 2022Feb 22, 2023 (6 months)
More Case Studies
Discuss This Deal