Download Capability Statement
Picture of Team Makpar

Team Makpar

Modernizing ICAM at Scale: A Conversation with Asad Khan on Operating Identity for Tens of Millions of Users

Identity at IRS scale is not a feature. It is mission infrastructure. In this Q&A, Asad Khan, VP of Innovation at Makpar, explains what it takes to operate ICAM for more than 60 million users, why designing for peak demand is critical, and how agencies can build resilient, scalable identity systems that support security, performance, and trust.

Federal agencies are expanding digital services at an unprecedented pace. But as demand grows, so does the pressure on the systems that sit behind every interaction.

At the IRS, that system is identity.

We spoke with Asad Khan, Vice President of Innovation at Makpar, about what it really takes to operate Identity, Credential, and Access Management (ICAM) at national scale, and why identity must be treated as core infrastructure, not a supporting function.

Q: Why is ICAM different at IRS scale?

Asad: At IRS scale, identity behaves very differently than in most environments. You are not supporting thousands of users. You are supporting tens of millions, often simultaneously, with zero tolerance for disruption.

Every login request, access decision, and identity signal contribute to system load. Even small delays or inconsistencies become visible to millions of users. That changes how identity systems must be designed and operated.

Identity is not just about access. It is about ensuring reliability, performance, and trust at scale.

Q: What does it mean to treat identity as infrastructure?

Asad: It means designing identity systems the same way you would design any mission-critical platform.

That includes:

  • Engineering for peak demand, not average conditions. 
  • Prioritizing uptime, throughput, and recovery. 
  • Ensuring consistent availability during surges, policy changes, and fraud spikes. 
  • Treating identity as the digital front door to every service. 


At this level, identity is not a background security function. It is foundational to how services operate.

Q: Why is designing for peak demand so important?

Asad: Peak demand is when systems are most exposed.

During filing season, login volumes surge, concurrency increases, and user expectations are highest. There is no margin for error. If identity slows down or fails, it impacts everything downstream, from taxpayer access to internal operations.

Designing for peak means building systems that can absorb that pressure without degrading performance or user experience. It also means having the visibility to detect issues early and respond before they cascade.

For example, the IRS identity access management system was highly robust through the high-demand tax filing season without any significant disruptions.

Q: What are the biggest challenges in operating ICAM at this scale?

Asad: The challenge is not just scale, but it is consistency.

You are managing identity across dozens of applications, multiple user types, and evolving policy requirements. At the same time, you need to maintain consistent authentication, authorization, and access enforcement across all of it.

As the system grows, so does the attack surface. More users, more entry points, and more opportunities for fraud. Maintaining reliability and security under those conditions requires disciplined engineering and operational rigor.

Q: How does strong ICAM improve mission outcomes?

Asad:  When identity works, everything works better.

At scale, strong ICAM enables:

  • Seamless user access with less friction. 
  • Earlier detection of fraud and anomalous behavior.
  • Consistent access decisions across systems. 
  • Reduced operational burden on support teams. 
  • Stronger trust in digital services. 


These outcomes directly impact service delivery, cost efficiency, and public trust.

Q: What lessons can other agencies take from this?

Asad: The biggest lesson is that identity cannot be treated as a standalone security tool.

It must be treated as enterprise infrastructure. That means aligning identity with how services are delivered, how systems scale, and how operations are managed day to day.

Agencies should focus on consistency over customization, resilience over short-term fixes, and designing for their most demanding scenarios, not their average ones.

Q: What does the future of ICAM look like?

Asad: Identity systems will become more adaptive, more automated, and more integrated into how decisions are made across systems.

You will see stronger use of real-time signals, more dynamic authorization, and tighter integration between identity, fraud detection, and analytics. However, the foundation will remain the same.

Reliable, scalable identity infrastructure will continue to be the backbone of secure digital services.

Q: Any final thoughts?

Asad: Identity may not always be visible to users, but it shapes every interaction they have with government systems.

At IRS scale, getting identity right is not optional. It is essential to delivering secure, reliable, and trusted services to millions of taxpayers.

If your agency is operating identity at scale or planning modernization efforts, connect with Makpar to learn how we help agencies build resilient, mission-ready ICAM infrastructure.

Related Posts

MAKPAR BLOG

How Identity Strengthens Trump’s Federal AI Policy and Secure Adoption

Read More
Protecting the Nation's Financial Nerve Center from AI Threats_ Part Two
MAKPAR BLOG

Protecting the Nation’s Financial Nerve Center from AI Threats: Part Two

Read More