HSPD 12 Solution - Slam Dunk?
I was in our nation's capital yesterday for some meetings, one of which centered on HSPD-12. Specifically, what are agencies doing given the lack of guidance in the Presidential Directive other than do something by October 27th?
In a word - scrambling.
There were some interesting things that were discussed, specifically what HSPD-12 actually means agencies need to do to satisfy requirements fully and what really needs to be done by October 27th. What came out of the discussions was that agencies are focused on implementing a Physical Access Control (PAC) solution for new employees only. In my opinion this is smart for two reasons - focusing on this population means you get to see what the process should be with a smaller population without the baggage of the as-is process, and these are the most risky users to any agency - unknowns.
The other interesting thing we discussed was that there seems to be such a laser focus on PAC solutions that are card or biometric based, with little vision to the next iteration of HSPD-12 compliance which is Logical Access Control (LAC) which includes networks & IT infrastructure.
What I immediately picked up on was that these agencies will go through satisfying the guidance twice - once for PAC and once for LAC. The other thing I figured out after the meeting is that vendors and integrators are supporting this vs. doing the right thing in my opinion which as an integrator - pick a PAC and integrate a LAC solution on the same platform. One platform to support, and even better is that there is one platform to implement, you just do it in two phases.
We cooked up a viable solution by the end of the meeting that covers both PAC & LAC and I will be talking to Federal SI's and PAC system vendors since I will bring the LAC component to the table with integration in 4-6 weeks, which means there are 6 weeks to implement the early adopters, sign up others, and give every agency not only the PAC solution for HSPD-12 but the LAC part too.
If you're a Federal SI, email me - identitystuff @ gmail.com. We should talk...
I'll keep you all posted...
In a word - scrambling.
There were some interesting things that were discussed, specifically what HSPD-12 actually means agencies need to do to satisfy requirements fully and what really needs to be done by October 27th. What came out of the discussions was that agencies are focused on implementing a Physical Access Control (PAC) solution for new employees only. In my opinion this is smart for two reasons - focusing on this population means you get to see what the process should be with a smaller population without the baggage of the as-is process, and these are the most risky users to any agency - unknowns.
The other interesting thing we discussed was that there seems to be such a laser focus on PAC solutions that are card or biometric based, with little vision to the next iteration of HSPD-12 compliance which is Logical Access Control (LAC) which includes networks & IT infrastructure.
What I immediately picked up on was that these agencies will go through satisfying the guidance twice - once for PAC and once for LAC. The other thing I figured out after the meeting is that vendors and integrators are supporting this vs. doing the right thing in my opinion which as an integrator - pick a PAC and integrate a LAC solution on the same platform. One platform to support, and even better is that there is one platform to implement, you just do it in two phases.
We cooked up a viable solution by the end of the meeting that covers both PAC & LAC and I will be talking to Federal SI's and PAC system vendors since I will bring the LAC component to the table with integration in 4-6 weeks, which means there are 6 weeks to implement the early adopters, sign up others, and give every agency not only the PAC solution for HSPD-12 but the LAC part too.
If you're a Federal SI, email me - identitystuff @ gmail.com. We should talk...
I'll keep you all posted...
posted by Mark Mac Auley at 7/26/2006
Get My Identitystuff Newsletter
0 Comments:
Post a Comment
<< Home