Almost three quarters of all feds have HSPD-12 cards

Tuesday - 12/1/2009, 5:22pm EST

By Jason Miller
Executive Editor
FederalNewsRadio

Without fanfare and almost under the radar of the big administration's technology initiatives, agencies have handed out secure identification cards to more than 3.3 million federal employees.

The Office of Management and Budget has said little about Homeland Security Presidential Directive-12 since President Obama took office, but the program is far from dormant.

OMB's latest report -- as of Sept. 1 -- shows that 73 percent of all federal employees and 64 percent of all contractors have secure ID cards. In all, the government has issued cards to 4.2 million feds or contractors out of the estimated 5.9 million who need them.

Agencies have made significant progress since April when 1.2 million federal employees had HSPD-12 cards. OMB had set an October 2008 deadline for all employees and contractors to have secure identification cards. Agencies did not come close to meeting that deadline.

Several agencies are at or close to issuing 100 percent of its cards to employees, including the departments of Housing and Urban Development, Education, State and the Environmental Protection Agency, according to the latest reports from agencies to OMB.

At the same time, there are several agencies which haven't made a lot of progress, including the departments of Homeland Security, Justice and Health and Human Services.

Additionally, the Chief Information Officer's Council released a new 220-page document Nov. 10 called the Federal Identity, Credential, and Access Management Roadmap and Implementation Guidance.

The council states the document will "provide a common segment architecture and implementation guidance for use by federal agencies as they continue to invest in identity, credential and access management programs. It also seeks to support the enablement of systems, policies, and processes to facilitate business between the Government and its business partners and constituents."

The document also calls for agency leaders to "take ownership of their role" in promoting and implementing identity and access management technologies-both logical and physical access.

The council details several new agency initiatives that would help integrate the different programs and policies. These include 26 performance improvement recommendations, including the need for governmentwide guidance on the use of digital signatures and encryption and the lack of reciprocity among agencies on background investigations, and 32 current performance metrics.

The roadmap also details four governmentwide and five agencywide initiatives.

The governmentwide plans include:

  • Augment policy and implementation guidance to agencies
  • Establish federated identity framework for the government
  • Enhance performance measurement and accountability within identity management and access control initiatives
  • Provide governmentwide services for common identity management and access control requirements

Each of these initiatives has milestones, owners of those milestones and implementation deadlines.

This progress comes as the government is testing the use of commercial ID management providers. The National Institutes of Health is leading a pilot to use the OpenID standard to let employees and other users log into NIH services using their username and password from providers such as Google, Yahoo! or PayPal.

The White House also is working on a new vision for ID management across the government, though it remains silent on its effort so far.

(Copyright 2009 by FederalNewsRadio.com. All Rights Reserved.)