Social Security Administration ahead of HSPD-12 deadline
- By Dibya Sarkar
- Oct 19, 2006
The Social Security Administration has begun issuing new secure identity cards to its employees and contractors, beating an Oct. 27 deadline imposed under Homeland Security Presidential Directive 12 (HSPD-12) by nine days.
SSA is also the first agency to issue the cards, according to David Simonetti, a senior design architect at Jacob and Sundstrom, which is assisting SSA in deploying the personal identity verification (PIV) cards.
Simonetti said SSA issued the first card Oct. 18. He said during the next 20 months, the agency plans to issue secure cards to its 85,000 employees and contractors at its Baltimore headquarters and 1,600 field offices.
HSPD-12, which was signed more than two years ago, outlined the need for improving the identification and authentication of federal employees and contractors. The National Institute of Standards and Technology (NIST) developed a common technical framework called the Federal Information Processing Standards Publication 201 to satisfy the requirements.
Several federal government officials said the secure cards’ new processes and policies will be a significant change for employees and contractors, but well worth it to improve physical and logical security.
“What we’re embarking upon is highly disruptive to the status quo in how we do business,” said Ed Meagher, the Interior Department’s deputy chief information officer, during an Oct. 19 identity management conference that the Information Technology Association of America sponsored.
“It’s not a card implementation, it’s an organizational change across government,” said David Temoshok, the General Services Administration’s director of identity policy and management.
The three dozen or so municipalities within GSA's National Capital Region are also planning to employ PIV cards for first responders, he added.
To help agencies meet PIV requirements, NIST and GSA provided 22 categories of more than 100 products that agencies can choose from to help with their implementation. Government officials also established a "shared component architecture" that would allow governmentwide sharing of services, such as enrolling employees at one of four issuance nationwide centers.
Simonetti said Social Security Administration officials decided not to use the shared component architecture or outsource other functions. For example, he said officials decided to equip each of its 1,600 field offices with enrollment work stations rather then send them to one of the four enrollment centers or creating more expensive work stations, among other things, which could have cost them $47 million in three years.
Matthew Neuman, business development manager at Jacob and Sundstrom, said it will cost the Social Security Administration about 55 percent less to enroll their employees because they installed cheaper workstations at every single office instead of closing offices and, in some cases, paying for employees' flights to one of the enrollment centers.
Simonetti said the agency must still buy some other technology and software under the HSPD-12 program.
Government officials said the agencies must certify and accredit their systems to ensure they adhere to HSPD-12. They said it will likely be the decision of the agencies’ respective inspectors general to follow up and ensure compliance.
Sarkar is a freelance writer based in Washington, D.C.