Issue link: https://securitytechnologyexecutive.epubxp.com/i/107544
ACCESS CONTROL By Alan Fontanella SECURE ISSUANCE ly lessons and strategies that can hit home for private-sector security executives tasked with issuing cards on a daily basis in industries such as healthcare and large corporations. Advancements in secure issuance solutions — including printers, card materials and software — are making it easier to meet the latest issuance guidelines by incorporating critical visual and logical technologies, and using multi-layered management procedures that improve issuance system security and efficiency. Security executives in any market can take a lesson from federal and other government ID card programs W 26 hile any ID card can benefit from visual and logical technologies for enhanced security, it is particularly important that these technologies be used in Federal and other government identity applications — including driver's licenses, permanent resident or "green" cards, and ID cards used by federal agencies and the military, such as the Common Access Card (CAC) issued by the Department of Defense (DoD), and the personal identity verification (PIV) card used by federal agency employees and their contractors. Each of these ID cards is issued according to guidelines established by its issuing body, but all are influenced by the Department of Homeland Security (DHS). While the focus here is on card issuance for the government, there are certain- SECURITY TECHNOLOGY EXECUTIVE • January/February 2013 The DHS Influence One of the most far-reaching initiatives is Homeland Presidential Directive 12 (HSPD-12), which established a government-wide standard for identity credentials to improve both logical and physical access control. HSPD-12 requires the use of a standard credential by all federal employees and contractors to access federally controlled facilities, as well as for logical access to federal information systems. In Feb. 2005, the National Institute of Standards and Technology (NIST) released the required standard as Federal Information Processing Standards Publication 201 (FIPS 201). The associated credential is called the Personal Identity Verification (PIV) card. PIV cards leverage smart card and biometric technology, and also support strong authentication methods both on the desktop and at the door. FIPS 201 has had far-reaching implications: the cards have not only impacted federal agencies, but also their contractors and even commercial business and state and municipal government organizations, as well as the military's Common Access Card (CAC), which has become the most widely used DoD identity credential. According to DHS, preventing terrorists from obtaining state-issued ID documents is critical to securing America — which has a direct impact on driver's license issuance. DHS has established minimum standards for driver's licenses and ID cards that federal agencies accept for official purwww.SecurityInfoWatch.com