DETROIT – A recent mandate from President Bush has finally made it a high priority to consolidate the diverse security access processes and systems in use by our federal government today. The memo requires the entire federal government to adopt a common technology to be used to identify employees and contractors accessing federal networks and buildings.
The timeframe for this edict (Presidential Directive 12, signed late last month) requires new standards and policies for security access to be developed for all government agencies in the next six months. Agencies are further required to create programs within four months after the standards are issued and be ready to go operational for systems and physical access within eight months after that.
This is an aggressive timeline for an enormous organization to react to efficiently. While many agencies involved cite their agreement with the directive, it?s still clear that this is a little like asking an elephant to tap dance. If recent history is any indication, it will prove difficult at best for government agencies to comply. The General Accounting Office (GAO) has recently reported that only 24 of the last 52 smart card projects undertaken by federal agencies in January of 2003 are either still alive or in production. All others were discontinued, folded into other pilots or seen as unfeasible.
Some estimate the total number of government employees and contractors affected by this directive to be in the range of 60 million, which will drive enormous expenditures on technology coming out of multiple government agencies in the near future. This is great news for business, and presents a once-in-a-lifetime opportunity for companies providing the technology that these agencies will seek. The National Institute of Standards and Technology (NIST), which will be determining the standard by which agencies will comply, have been working toward this goal for more than a year. Based upon media coverage on this issue (Network World, Sept. 20), it looks like PKI digital certificates, biometrics and smart card technology will be the preferred technology path.
It will be interesting to see how this directive at the federal level translates down to the state, county and municipal levels. Because once all federal agencies are able to operate (from a security perspective at least) as one cohesive entity, the need will become obvious for states to follow suit. Michigan has a head start on many states technologically, and so I am expecting that our state will continue to lead in this direction moving forward.
For a more in-depth look at this, refer to www.nwfusion.com, docfinder:3841
If you would like to respond to this article, email Hans Erickson, CIO at the Detroit Regional Chamber, at [email protected]. Erickson is a member of Michigan InfraGard.
Infragard members are solely responsible for the content of their articles. Nothing in this publication necessarily expresses the views of Michigan Infragard or any federal agency.
