With more than 1.6 million secure identification cards in employee and contractor hands, agencies are turning their attention to how best to use them.
Many agencies have pilot programs to use their Homeland Security Presidential Directive-12 cards for either physical or logical access. For instance, the Department Housing and Urban Development is testing logical access control starting in the chief information officer’s office.
The Agriculture and State departments, and NASA are among the agencies taking the lead to use their HSPD-12 cards for physical access control. In fact, the National Institutes of Standards and Technology is receiving a lot of questions about how best to implement physical access control systems.
“Most agencies have physical access control systems in place and those systems need to be integrated with [HSPD-12] card,” says Bill McGregor, NIST’s Personal Verification Identification (PIV) coordinator. “Now is the time for advice.”
NIST issued its advice in a special publication 800-116, A Recommendation for the Use of PIV Credentials in Physical Access Control Systems, last month to give agencies help in implementing these systems.
McGregor says physical access control system is a natural place to start because so many agencies already are using them.
The guidance offers agencies 20 suggestions for how to proceed with implementing these systems.
McGregor says two important recommendations include developing a project management plan to include milestones, cost and performance data.
Agencies also should find a mentor, including State, NASA or USDA, who has some experience in integrating these systems.
“They can offer advice for planning and processes,” he says.