Employees at the Pentagon carry two identity cards. One that lets them log onto their computer network, called the Common Access Card, and another that gets them into the building.
In the next 10 months, employees working at the Pentagon, the Mark Center in Alexandria, Va., and at several dozen other buildings guarded by the Pentagon Force Protection Agency will get rid of their building card and just use their CACs for physical access.
“This is a huge break through,” said Mary Dixon, the director of the Defense Manpower Data Center, after her speech at the Interagency Smartcard Advisory Board meeting in Washington Wednesday. “We’ve been working with them for a number of years. It should set the tone for the rest of the department.”
Dixon said the Force Protection Agency will update their access control system to use the contactless part of the CAC.
“They have been working on that for some time,” Dixon said. “In some places, they have also installed biometric readers so they have the capability to do a biometric check if they want to.”
She said since the Pentagon rents office space in some buildings they cannot put in gates so they are still working through those challenges.
The Pentagon Force Protection Agency is expected install these new capabilities at the Mark Center this summer, and the Pentagon building by the end of the December, Dixon said.
Physical access control is one area where DoD and the rest of the government haven’t made much progress. Dixon said the services also are taking a look at physical access control more centrally. The Office of Management and Budget and the Homeland Security Department earlier this month required civilian agencies to use their secure identity cards under Homeland Security Presidential Directive-12 for physical access control starting in 2012.
DoD and its services are bit farther along using the CACs for physical access control, but still have a long ways to go.
“In some cases, they have started saying ‘the biggest thing I’m going to need is communications to my gates,'” Dixon said. “So even if they haven’t invested in physical access control systems, they have invested in bringing that communications infrastructure to the gates. Others have started deploying access control systems. Everyone has a plan for how they are going to move forward. The only constraint at this point could be funding.”
Along with physical access control, DoD is exploring how to expand who could use CACs or similar secure identity cards, and how soldiers and employees could use the cards.
Dixon said DoD has piloted using the cards to carry transit benefits in Utah. The military also has tested how a CAC could act as an electronic purse. Dixon said DoD gave recruits about $400 on a secure card for use on the base.
But the Army plans on testing the biggest untapped group to use the CACs: retirees and family members. She said they still need access to websites or others DoD applications that are CAC-enabled.
Dixon said the Army will begin the pilot with 2,500 retirees later this year.
“The question is can we just issue them CACs?” she said. “But it imposes a number of requirements that we are not sure we are prepared to address yet. But we do know the public key infrastructure [token] does offer a higher form of security. What the Army is trying to do is get some lessons learned about what happens when you do this with people that really don’t understand the lingo, that have home computers and you don’t know what kind of security they have on there. Does this improve our level of security?”
She added the big issue to move forward beyond the pilot is what will creating, issuing and maintain cards cost the department. If Army’s costs are reasonable, DoD could expand the issuance of cards to family members and retirees.
(Copyright 2011 by FederalNewsRadio.com. All Rights Reserved.)