CIO Council to consider smart card rule
- By Nancy Ferris
- Mar 18, 2004
A proposed policy requiring all federal agencies to use smart cards for employee IDs is awaiting approval by the CIO Council after being adopted by the Federal Identity and Credentialing Committee.
General Services Administration officials said the policy would become official if the Office of Management and Budget issues it after action by the CIO Council. They described it as a major milestone in the development of a governmentwide identification system.
GSA coordinates the work of the committee, an interagency group that works with the CIO Council and the E-Authentication team at OMB.
The draft policy has no deadlines for agency action, but it states that "agencies should begin planning for migrating their current access control systems, both physical and logical, in order to conform to this policy."
The policy calls for agencies to adopt standards that will make the cards interoperable across the federal government's sensitive but unclassified networks. That way, a federal employee or contractor visiting another agency's offices could simply wave his or her card at the reader and be recognized. A virtual visit to another agency's internal Web site, if invited, also would be facilitated.
The credentials committee also approved a draft certificate policy that also goes to the CIO Council and then OMB for approval. It describes how smart card users will be validated and their identities certified.
Earlier this month, GSA issued an official solicitation for bids to supply smart card services that comply with the federal standards and the certificate policy. That solicitation is expected to result in a list of qualified bidders by the end of June. The next step will be a set of GSA schedule contracts, according to the announcement.
Taken together, these actions represent a leap forward on E-Authentication, which has long been considered one of the most difficult but important initiatives on the president's e-government agenda. Once in place, E-Authentication is expected to streamline security for individuals and reduce agency costs while strengthening security of the government's information and its premises.
Ferris is a freelance writer in Chevy Chase, Md. She can be reached at email@example.com.