Letter: Smart card advice for a smooth transition
It is actually much easier to prepare the network to accept smart cards for log on while accepting both a user name and password or PIV card/PIN for log on.
What do you think? Paste a comment in the box below (registration required), or send your comment to (subject line: Blog comment) and we'll post it.
Regarding, "GAO: HSPD-12 program needs clear goal," a reader writes: I have a few years of experience with HSPD-12 and smart card enablement. I have noticed it would be helpful if agencies could enable their IT infrastructure to accept smart cards for authentication
prior to a massive smart card issuance.
It is actually much easier to prepare the network to accept smart cards for log on while accepting both a user name and password or PIV card/PIN for log on. Once an agency enables the infrastructure to accept the credentials for either network log on, application log on, or digital signatures in workflow the easier it will be on employees transitioning to using a card for all of these actions on their computer. Otherwise, if an agency issues a massive number of badges to the employees with out having anything they can use the badge for when they return to their computers/desk the employees will forget their pins and need to return to have them reset when an IT component is PK-enabled.
Another issue I have noticed is the lack of COTS products integrating smart card authentication out of the box and it will cost agencies across the board more money to enable/customize these applications for smart card use. COTS vendors should step up and customize their products prior to integrating into an agencies infrastructure to accept a smart card.
Finally, in general there are so few in the IT workforce that specialize in smart card enablement the resources are spread thin when trying to integrate smart cards into all government IT systems.
Anonymous
letters@fcw.com
prior to a massive smart card issuance.
It is actually much easier to prepare the network to accept smart cards for log on while accepting both a user name and password or PIV card/PIN for log on. Once an agency enables the infrastructure to accept the credentials for either network log on, application log on, or digital signatures in workflow the easier it will be on employees transitioning to using a card for all of these actions on their computer. Otherwise, if an agency issues a massive number of badges to the employees with out having anything they can use the badge for when they return to their computers/desk the employees will forget their pins and need to return to have them reset when an IT component is PK-enabled.
Another issue I have noticed is the lack of COTS products integrating smart card authentication out of the box and it will cost agencies across the board more money to enable/customize these applications for smart card use. COTS vendors should step up and customize their products prior to integrating into an agencies infrastructure to accept a smart card.
Finally, in general there are so few in the IT workforce that specialize in smart card enablement the resources are spread thin when trying to integrate smart cards into all government IT systems.
Anonymous
letters@fcw.com
NEXT STORY: Managers advised to plan for transition