Regarding, "GAO: HSPD-12 program needs clear goal," a reader writes: I have a few years of experience with HSPD-12 and smart card enablement. I have noticed it would be helpful if agencies could enable their IT infrastructure to accept smart cards for authentication prior to a massive smart card issuance.
It is actually much easier to prepare the network to accept smart cards for log on while accepting both a user name and password or PIV card/PIN for log on. Once an agency enables the infrastructure to accept the credentials for either network log on, application log on, or digital signatures in workflow the easier it will be on employees transitioning to using a card for all of these actions on their computer. Otherwise, if an agency issues a massive number of badges to the employees with out having anything they can use the badge for when they return to their computers/desk the employees will forget their pins and need to return to have them reset when an IT component is PK-enabled.
Another issue I have noticed is the lack of COTS products integrating smart card authentication out of the box and it will cost agencies across the board more money to enable/customize these applications for smart card use. COTS vendors should step up and customize their products prior to integrating into an agencies infrastructure to accept a smart card.
Finally, in general there are so few in the IT workforce that specialize in smart card enablement the resources are spread thin when trying to integrate smart cards into all government IT systems.
Anonymous
What do you think? Paste a comment in the box below (registration required), or send your comment to letters@fcw.com (subject line: Blog comment) and we'll post it.
View Comments
There are currently no comments to display.
Post a Comment
To post a comment, you must be a registered user of FCW.com and be logged in. Use one of the forms below to login or register for FREE to FCW.com. To protect your privacy, you can use an alias as your username.
