Security Dealer & Integrator

JUL 2016

Find news and information for the executive corporate security director, CSO, facility manager and assets protection manager on issues of policy, products, incidents, risk management, threat assessments and preparedness.

Issue link: http://sdi.epubxp.com/i/703941

Contents of this Issue

Navigation

Page 65 of 109

64 Security Dealer & Integrator / www.SecurityInfoWatch.com July 2016 hen the federal government decides to use a common technology across the entire enterprise, it is an important event. It means that every department and agency will have to update and/or replace systems, so industry pays particular attention. Such has been the case with FICAM — the Federal Identity, Credential, and Access Management standards, which are meant to provide a common set of standards, best practices, and implementation guidance for federal agencies. With what seems like a constant change to the requirements, under- standing the challenges around deploy- ing a FICAM PACS solution provides an opportunity for security integrators to strengthen their trusted advisor role in providing support to government security managers and customers. The Steps to FICAM Development In August 2004, President George W. Bush signed Homeland Security Pres- idential Directive (HSPD) 12. is outlined objectives for a new standard — including streamlining (cost-saving) government processes, increased pro- tection of personal privacy and addi- tional measures to prevent unautho- rized access to government resources and facilities. e National Institute for Standards and Technology (NIST) is the regulating body responsible for cre- ating government standards. NIST created Federal Information Processing Standard publication 201, also known as FIPS 201, as a federal standard in response to HSPD-12. FIPS 201 — "Personal Identity Verification (PIV) of Federal Employees and Con- tractors" — is broken into two parts: the first defines requirements of a role- based identity verification and card issuance system; the second defines the card technology and application of the credential (PIV card) for interoperable use throughout the government. In the latest guidance to Executive Branch federal agencies, the FICAM Roadmap and Implementation Guide requires a more robust solution to pro- viding identity validation and stan- dardizing controls around identity and access management. Agencies also stand to gain significant benefits around security, cost and interoperability. Six Common Challenges 1 Keeping Informed: Perhaps the biggest challenge in serving the federal government mar- ket is keeping up with new regulations and requirements. NIST, as well as the General Services Administration (GSA) and Office of Management and Budget (OMB), all publish guidance documentation that can be hundreds of pages. Organizations may not have the bandwidth or skill sets to have all of their staff up to date and therefore rely on designating Subject Matter Experts (SME) to provide this level of expertise. Access Control Six challenges to deploying a government PACS solution, and how to overcome them By Derek Greenland, CSEIP, CSPM Fulfilling W FICAM

Articles in this issue

Links on this page

Archives of this issue

view archives of Security Dealer & Integrator - JUL 2016