Why is Delaware adopting a new Single Sign-On now?
The pandemic, especially its need for a secure Contact Tracing application, accelerated our rollout of this solution. But it has been in the making for over a year due to the need to harden the State of Delaware network against ever-increasing security threats.
When will workers begin to use this ID.Delaware solution?
Some workers have begun to use it already! All State of Delaware workers in Executive Branch and select other organizations are in Phase 1. Their workers will receive an email in early July with a web link, requesting completion of the five-minute registration process immediately. All State of Delaware staff must register to retain VPN access.
What if I am on leave when the registration email arrives, and I return to work after the new system is enabled?
You will be required to register automatically when you try to access the VPN (by covidaccess.delaware.gov, for example). Complete your ID.Delaware.gov registration and you’re all set! Remember that you can access state email without VPN access. See our business continuity resources section for links allowing access State of Delaware email from any device.
What if I got this notification, but I use access.delaware.gov and Entrust: do I still need to register?
Yes, all remote access users must register to use the new ID.Delaware solution for your remote access login validation.
What if I use covidaccess.delaware.gov, but don’t get this notice or the registration email?
Workers unable to register ahead of time will be redirected to the registration screen the first time they access a service like covidaccess.delaware.gov after the solution is enabled. You can register immediately to regain their VPN access. Workers can also contact the DTI Service Desk at 302.739-4DTI or your own agency’s Help Desk for assistance.
Will this ID.Delaware Single Sign-On solution only apply to VPN/remote access or will it be used for network login? How will it affect applications my organization has developed that use network credentials?
The primary focus is State of Delaware Internet-facing enterprise applications, managed by DTI and in use across multiple state organizations. Initially, Internet-facing applications that authenticate using Active Directory will be among the first to have their tiles added to workers’ home screens. Over the coming months and years, the intent is to work with organizations to assure that their applications are secured by ID.Delaware.
How will the applications I use get added to my ID.Delaware home screen?
Your organization’s IRM will work with your DTI Customer Engagement Specialist on a plan and timetable to migrate your organization’s applications to OKTA where this is appropriate.
How will this change affect Microsoft 365?
For workers who already transitioned to Microsoft 365 and enrolled in MFA, they will transition to the solution which will perform authentication, replacing the old MFA. Workers will access email and Microsoft 365 applications without MFA while within the State network and use ID.Delaware for MFA when outside the State network.
ID.Delaware will enable the migration of organizations whose workers hadn’t yet transitioned because of limitations of the previous MFA.
How does an organization request that an application be added?
Your organization’s IRM and Customer Engagement Specialist will work together in the coming months to identify applications to be transitioned to the new solution.
Will DTI or the business manage worker access to a business’ special applications?
Business owners can manage who among their workers have access to a business’ applications.
Will there be a cost to organizations for employees to use this new solution?
There is no cost for our agency partners associated with this transition during this coming fiscal year (FY2021). It has been added in the proposed end-user Core Services package as a piece of the security cost for inclusion in the new Shared Services cost model to be phased in/adopted in FY2022. It is anticipated that there will be a rate differential between centralized and non-centralized organizations. There will be further discussions with organizations after OMB has approved the Shared Services cost model.