News
HSPD 12 Compliance Causes In-Depth Security Strategy Examination
U.S. officials are looking beyond existing access control and employee identification systems for HSPD 12.
By Paul Kerstein
August 29, 2006
—
CSO
—
As the Oct. 27 compliance deadline for HSPD 12, the government’s identity standard initiative, bears down on U.S. agencies, officials are looking beyond existing access control and employee identification systems, Security Director News reports.
According to the article, government agencies and departments are finding that compliance with HSPD 12, which requires a smart card-enabled credential that will grant federal employees and contractors access to all federal facilities and networks, is forcing them to look at the non-technical side of their security operations as well.
Officials at the Department of Health and Human Services (DHHS) had to rethink their own background screening processes and fine-tune non-equipment-related issues in order to prepare the department’s 4,400 buildings and more than 68,000 employees for the new standards, the article reports.
This included clarifying the level of background checks necessary for each position so screening wouldn’t be duplicated, migrating to an electronic fingerprint and background application for government clearance, and starting a training program that will school human resource and contracting officers on how to classify the sensitivity of different positions within the agency, Security Director News reports.
"Our intent was to build a foundation so the house wouldn’t crumble once we implemented the technology side," Mario Morales, director of the HSPD 12 program office for DHHS, told Security Director News.
The DHHS includes the Food and Drug Administration, Centers for Medicare and Medicaid Services and the National Institutes of Health, and has more than 100 different cards in use.
"In attacking the problem, we also had to figure how to be interoperable amongst ourselves," Morales told Security Director News.
The article states that the agency has also developed a technological solution to the HSPD 12’s common platform. It has a tri-interface reader that allows for a temporary, but compliant solution.
For an in-depth examination of HSPD 12, read HSPD12: The United States of Access Control and How HSPD 12 Works on CSOonline.
Other stories by Paul Kerstein
Data Center Directions Virtual Conference
Attend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.
The Surest Path to Effective and Efficient Compliance
In this webcast, we explore why and how — with best practices, practical tips and solutions that work — to ease your compliance challenge.
- Make Compliance Regulations an Ally Not an Enemy
- Protecting Sensitive and Confidential Information with Endpoint Security
- Endpoint Security: Compliance at the Endpoint
- Revolutionizing Endpoint Security with a Single Agent
- Data Protection: Challenges for the Traveling User
- View Gartner Video: Best Practices on Web Application Security
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Executive Seminar on Application Security
-
January 29, 2009New York, New YorkRegister now »
-
February 25, 2009San Francisco, CaliforniaRegister now »
(ISC)2 members can earn up to 6 CPE Credits
Reference priority code ONLINE and attend this program as our guest — that's a $295 savings!
