Experts say culture hinders single smart card

The technology exists to create a governmentwide smart card program, but cultural issues and a lack of top-level management support stand in the way of implementation, experts testified today.

A single government smart card is possible, but managerial and policy differences create difficulties, said Joel Willemssen, managing director of information technology issues at the General Accounting Office.

"It would probably be very difficult to standardize it from a management and policy perspective," Willemssen testified today at a hearing of the House Government Reform subcommittee on technology, information policy, intergovernmental relations and the census.

Agencies have different security clearances and access controls. GAO identified 62 smart card initiatives in varying stages at 18 agencies, Willemssen said. One of the next steps, he said, is establishing a governmentwide employee credentialing policy to streamline employee clearances.

"Once you set that policy, then the technology can follow," he said.

Introducing smart cards for physical access or systems access is often met with hesitation, said Sandra Bates, commissioner of the General Services Administration's Federal Technology Services.

"We've identified that the technology's there," Bates told subcommittee chairman Rep. Adam Putnam (R-Fla.). "We're also talking now about a cultural change, and there are barriers. It's gaining acceptance and top management support."

Obtaining the resources for infrastructure and software is also a major challenge, Willemssen said. The costs can be high, particularly if biometrics and public key infrastructure technologies are included, he said.

Ken Scheflen, director of the Defense Department's Defense Manpower Data Center, agreed. "The infrastructure costs and enabling technologies are the hard part because you really have to change the way people do business," he said.

The Defense Department completed the roll out of the infrastructure for its smart card program in July. The program, Common Access Card, is the most advanced smart card program in the world and can serve as a model for other agencies, Scheflen said.

The government needs smart card standards for interagency interoperability, experts said. The standards would outline the common features of each card, then agencies could add capabilities, Bates said. "Some agencies will always have unique requirements and traits, and that's OK, but you have to have a baseline," she said.

GSA and the National Institute of Standards and Technology have taken steps to create those standards. NIST officials have published two versions of their smart card specifications and are working with agencies and industry partners on program requirements. Similarly, GSA established an Interagency Advisory Board, including NIST and other agencies, to refine the specifications. They also awarded a smart card contract in May 2000 to five vendors to provide smart card services across the government based on these standards.

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.