In Brief
FIPS 201: ID Cards Unleashed
What FIPS 201 federal smart cards could mean for corporate America
By Sarah D. Scalet
September 01, 2006 — CSO — Regardless of how many federal agencies can actually issue ID cards that are compliant with the Federal Information Processing Standard 201 (FIPS 201) by Oct. 27, observers say that the new standards are already making an impact outside of the U.S. government.
That's because the vendor community has been forced to start creating nonproprietary, interoperable products. "I think we'll all benefit from the work," says Gary Klinefelter, chairman of the Open Security Exchange, a trade group created in 2003 by physical and information security vendors. "Corporate America will be able to use those same products."
The work on products is a result of Homeland Security Presidential Directive 12 (HSPD 12), which calls for all 5 million-plus federal employees and contractors to be given a common identification card that can be used at all federal facilities (see United States of Access Control. Michael Butler, chief of smart card programs for the U.S. Department of Defense, who is working with the General Services Administration to implement HSPD 12, says the new standards have already pushed down prices.
"We have saved a ton of money on physical security systems," says Butler, who is working in seven locations on pilot programs involving smart cards. "Whenever you bring competition into a very proprietary industry, like smart cards and physical security, there are payoffs."
Observers expect two things. One, as prices come down, more Fortune 500 employers will upgrade their systems and issue employee ID cards that work for both physical and logical access. Two, as more federal employees are issued standardized ID cards, those cards are likely to be recognized by nongovernmental entities.
Consultant Steve Hunt of 4A International says that once there is a critical mass of government employees using the card, "you can be sure Wal-Mart is going to start taking them to fill prescriptions and Bank of America will use them to open accounts." When that happens, he adds, "you can be sure that every business on the planet is going to use the cards as identification."
Other stories by Sarah D. Scalet
Data Center Directions Virtual Conference
Attend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.
The Surest Path to Effective and Efficient Compliance
In this webcast, we explore why and how — with best practices, practical tips and solutions that work — to ease your compliance challenge.
- Make Compliance Regulations an Ally Not an Enemy
- Protecting Sensitive and Confidential Information with Endpoint Security
- Endpoint Security: Compliance at the Endpoint
- Revolutionizing Endpoint Security with a Single Agent
- Data Protection: Challenges for the Traveling User
- View Gartner Video: Best Practices on Web Application Security
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Executive Seminar on Application Security
-
January 29, 2009New York, New YorkRegister now »
-
February 25, 2009San Francisco, CaliforniaRegister now »
(ISC)2 members can earn up to 6 CPE Credits
Reference priority code ONLINE and attend this program as our guest — that's a $295 savings!
