Cyber Security Report Addresses Identity Management Issues

KCarroll's picture

Recently, the Obama administration released a report on the state of cyber security in this country and offered recommendations for securing and protecting cyberspace.

The administration has already implemented one of the recommendations - “elevating leadership for cyber security-related policies at the White House.”

TechAmerica, the leading industry organization giving the United States technology community a voice in cyber-related issues, praised the report for its vision. While the report covers a wide range of topics from strengthening federal leadership and accountability for cyber security to increasing cyber security education, its discussion of identity management issues affects many TechAmerica members, including HID Global. As the report states, “we cannot improve cyber security without improving authentication…”

With the convergence of physical and logical access control accelerating in both the public and private sector, secure authentication deserves center stage. Secure authentication can also enhance privacy by ensuring that individuals trying to access personal information are who they say they are.

Citing Homeland Security Presidential Directive 12 (HSPD-12), the report recommends that the Federal government ensures “resources are available for full federal implementation of HSPD-12.” In large part, this addresses the concern that, although nearly 500,000 personal identity verification (PIV) cards have been issued to Federal employees, those cards are often used only as flash passes. This defeats the security inherent in electronic authentication of those credentials.

The report goes one step further in suggesting that such federal identity management systems be extended to “operators of critical infrastructure and to private-sector emergency response and repair service providers.” This would significantly expand the scope of the federal credentialing system.

Private industry, including HID Global, has been working with the federal government to provide solutions that will deliver innovative solutions for physical and logical access control. Building on, and solidifying such public-private partnerships will enhance our country’s efforts to secure and protect cyber space for generations to come.