Businesses weigh HSPD-12 costs

Small businesses are assessing the cost of obtaining certification for the products they hope to sell to government agencies implementing Homeland Security Presidential Directive 12, which requires agencies to issue secure identity cards to their employees and contractors.

Vendors must have their products tested and certified by an accredited laboratory before they can offer HSPD-12 solutions for products ranging from personal identity verification (PIV) cards to card readers and middleware. Products must meet the standards set by the National Institute of Standards and Technology, as stated in Federal Information Processing Standards (FIPS) Publication 201.

Agencies must begin issuing interoperable FIPS 201-compliant PIV cards to employees and contractors by Oct. 27.

Companies are responsible for paying for product testing, and costs will vary depending on the number and complexity of the tests and the product or service under examination.

“These standards and testing policies may affect small-business concerns in terms of their ability to compete and win federal contracts,” according to a Federal Register notice of the testing requirement. It said the impact will vary “depending on the nature of the product/service being validated [and] the approval process for vendor products and services.”

Nevertheless, small-business owners are treating certification costs as a necessity of doing business, even without knowing how much those costs will affect their bottom lines.

Smaller organizations might need to join with other companies to overcome the costs of those testing protocols, said Rebecca Moericke, HSPD-12 project manager at Precise Biometrics, a small fingerprint authentication business. “But it’s essential that the government be provided [with] security and competence in the procurement process,” she said.

HSPD-12 requirements have always kept small businesses in mind, Moericke said. If certification leads to a better solution and increases the chances of a sale, it outweighs the costs of getting the products tested and certified, she said.

“For the [General Services Administration] certification, as far as I can tell, there’s minimal cost other than personnel and resources,” Moericke said. “And it is necessary.”

Some vendors say they are more concerned about the cost of creating products that will meet HSPD-12 standards than the cost of certifying them.

Nicholas Miranda, a senior associate at Diamond Management and Technology Consultants, said he didn’t think the cost of certification was a problem. “A cost element will always be present,” he said. “In this case, abiding by [FIPS 201] standards seems to be an expected upfront cost, simply part of expected operational costs or day-to-day business costs.”

Small businesses face one problem, however, that cash can’t resolve. Miranda said small businesses must factor in the time associated with a lengthy testing and certification process. “What does seem to be a large hurdle is the time it takes to become certified,” Miranda said. “One might argue revenue streams are lost due to the process.”

The time factor becomes even more important as the Oct. 27 deadline approaches, he added.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • Social network, census

    5 predictions for federal IT in 2017

    As the Trump team takes control, here's what the tech community can expect.

  • Rep. Gerald Connolly

    Connolly warns on workforce changes

    The ranking member of the House Oversight Committee's Government Operations panel warns that Congress will look to legislate changes to the federal workforce.

  • President Donald J. Trump delivers his inaugural address

    How will Trump lead on tech?

    The businessman turned reality star turned U.S. president clearly has mastered Twitter, but what will his administration mean for broader technology issues?

  • Login.gov moving ahead

    The bid to establish a single login for accessing government services is moving again on the last full day of the Obama presidency.

  • Shutterstock image (by Jirsak): customer care, relationship management, and leadership concept.

    Obama wraps up security clearance reforms

    In a last-minute executive order, President Obama institutes structural reforms to the security clearance process designed to create a more unified system across government agencies.

  • Shutterstock image: breached lock.

    What cyber can learn from counterterrorism

    The U.S. has to look at its experience in developing post-9/11 counterterrorism policies to inform efforts to formalize cybersecurity policies, says a senior official.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group