Personal Identity Verification

In today’s Federal Newscast, two members of Congress want the White House to save all records on the firing of State Department Inspector General Steve Linick.

The Department of Homeland Security has created a new, derived alternative credential for both new and existing employees and contractors who need access to the agency’s networks but can’t physically visit a DHS facility to replace or get a new personal identity verification (PIV) card during the coronavirus pandemic.

The General Services Administration approves the technologies and the vendors and the White House sets the parameters for the security of federal facilities. But GAO says upgrades aren’t happening quickly enough.

Randy Wood, vice president of U.S. public sector sales for Akamai, said zero trust is not a new idea, but one that is about five years old. It promotes the simple concept that trust is not an attribute of location, and just because an employee is trusted inside perimeter, it doesn’t mean he or she should be granted access to all the information.

The National Cybersecurity Center of Excellence has released fresh guidance on derived personal identity verification credentials in the an ongoing federal challenge of improving cybersecurity for people using mobile devices.

Radiant Logic’s differentiator is a three-letter phrase called “federated identity service.” This gives system administrators the flexibility to handle identity management quickly and safely.

Today’s cybersecurity threat landscape has completely changed from the years where a Common Access Card (CAC) or Personal Identity Verification (PIV) card could provide reasonable security. For example, in 2015 the United States Central Command Twitter account was hacked. The Department of Defense has limited ways to secure this resource well beyond any kind of current identity control.

The department’s Homeland Security Information Network (HSIN) now has the ability to give access to users based on their job functions and attributes, not merely the person’s name or employee number. Donna Roy, executive director of the Information Sharing Environment Office at DHS, said that capability is helping the department build trusted identity exchanges.

A message to the fleet dated Feb. 5 says administrators of all unclassified systems have only one week left to implement two-factor authentication using Common Access Cards.

Host John Gilroy discusses PIV and PIV-I with Patrick Hearn of Oberthur. October 5, 2010