Privileged Identity Management Services

The Vendor is required to provide to procure a comprehensive privileged identity and access management solution for itself and 58 local boards.
- Identity and access management platform for BOE that provides multi-factor authentication up to Authenticator Assurance Level 3 (AAL3), standards based single sign on capabilities (e.g. SAML, OpenID, OAuth), and behavior-based analytics & alerting.
- Installation and provisioning of privileged access management platform for BOE that provides password rotation, just in time provisioning, and remote vendor access provisioning, monitoring & auditing.
- Installation and provisioning of a vendor remote access platform for Subscribers that provides password rotation, just in time provisioning, and monitoring & auditing.
- Identity and Access Management (IAM) Platform
•    Users (up to):
o    120 employee accounts
o    500 vendor accounts
o    20,000 customer accounts
•    Capabilities:
o    Integration with Microsoft Active Directory/Entra.
o    Support for software as a service (SaaS) applications.
o    Support for multi-factor authentication up to AAL 3.
o    Standards based single sign on capabilities (SAML, OpenID, 0Auth).
o    Behavior based analytics and alerting.
- Privileged Access Management (PAM) Platform Deployment 
•    Users (up to):
o    35 internal users
o    30 vendor users
•    Capabilities:
o    Integration with Microsoft Active Directory/Entra.
o    Support for software as a service (SaaS) applications.
o    Password rotation.
o    Just in time provisioning.
o    Monitoring and auditing of all access.
o    Ability to record all actions taken during a privileged access session.
•    Services:
o    Installation and deployment support services.
- Subscriber Vendor Remote Access Platform Deployment
•    Users (up to):
o    58 remote vendor access accounts.
•    Capabilities:
o    Integration with Microsoft Active Directory/Entra.
o    Support for software as a service (SaaS) applications.
o    Individual portal access for each subscriber under separate tenants with no central management of all tenants.
o    Unified portal for additional vendors to access all subscriber systems.
o    Support for third party multi-factor authenticators.
o    Ability for subscriber administrators to provision and deprovision licenses for vendors without requiring vendors to create new accounts each time they connect.
o    Password rotation.
o    Just in time provisioning.
o    Monitoring and auditing of all access.
o    Ability to record all actions taken during remote access session.
•    Services:
o    Installation and deployment support services for each subscriber.
o    Individual agreements with each subscriber.

- Contract Period/Term: 1 year
- Questions/Inquires Deadline: October 31, 2025