Agencies must develop plans by March 31 to fully implement the use of secure identity cards under Homeland Security Presidential Directive-12.
Federal News Radio obtained a draft copy of the memo that sources say the Homeland Security Department could issue as early as Friday. The final memo details five steps agencies must take to make secure ID cards work on their computer networks and physical access control systems.
The Office of Management and Budget also is expected to issue a memo in the near future as part of this effort to publicly give some momentum to the six-year-old mandate. The two agencies have been working on these memos for more than a year to push forward the use of secure ID cards.
“As of September 2010, agencies reported that approximately 4.9 million out of 5.8 million federal employees and contractors have completed background investigations, and 4.3 million have [HSPD-12] credentials,” wrote Greg Schaffer, DHS’s assistant secretary for cybersecurity and communications in the draft memo. “With the majority of the federal workforce now in possession of the credentials, agencies are in a position to aggressively step up their efforts to use the electronic capabilities of the credentials.”
Insight by V3Gate: In this exclusive executive briefing, executives discuss how their agencies are deploying software that works, and that users really like.
The memo also would give a much-needed kick-start to help agencies implement physical access control using the secure ID cards.
DHS and the General Services Administration will partner to implement the governmentwide architecture, the Federal Identity, Credential and Access Roadmap and Implementation Guidance (ICAM).
“This includes a DHS partnership with the GSA Public Building Service to ensure implementation of physical access requirements for federal buildings, under PBS’s purview, are implemented in accordance with the Federal Security Level Determinations for Federal Facilities – an Interagency Security Committee Standard and NIST guidelines,” Schaffer wrote.
Agencies have made the least amount of progress using HSPD-12 cards for physical access control. Only a handful of agencies have started to change over their systems.
GSA also issued a memo in October requiring agencies to better protect their building control systems from cyber attacks.
The DHS memo also requires agencies by Feb. 25 to name a senior official in charge of HSPD-12 implementation plan development.
Over the next two months, agency plans must include a strategy to ensure:
(Copyright 2011 by FederalNewsRadio.com. All Rights Reserved.)