Building the PIV team

HSPD-12 touches more than just IT

By October, agencies are supposed to begin issuing Personal Identity Verification smart ID cards. Adoption of an interoperable ID across government under Homeland Security Presidential Directive 12 should help strengthen authentication for physical and logical access to federal facilities and resources.

But authentication is only one part of the broader, more complex goal of access control.

'Any strong authentication measure we can put in place is one piece of the puzzle,' said Deepak Kanwar, director of product management for SafeNet Inc. of Belcamp, Md., which helps enterprises manage digital identities.

Other pieces of the puzzle include identity and account management, access policy and enforcement, and legal, regulatory and audit requirements.

'This is whole lifecycle management,' Kanwar said. 'Unless you have a process in place, you're not going to have security.'

Because of the need to integrate authentication technologies with policies, access-control projects often come with a high cost and high level of complexity.
Stakeholders in the project, in addition to the IT and network security offices, can include:
  • Human resources, which usually is the owner of the data upon which the system depends. Timely, accurate and reliable HR feeds are necessary to provision and deactivate accounts.

  • The help desk, which must field calls when a user forgets a password, loses a token or does not get the expected access.

  • Physical security. Traditionally, there has been little interaction between the guys with the badges and guns and the guys in IT. But with a single card to manage both, they become pieces in the same puzzle.

  • The legal department, which will want to pass judgment on access policies.

  • Auditors, both internal and external, who will pass judgment on execution of those policies.

  • The owners of the applications, who usually decide who gets access.

About the Author

William Jackson is a Maryland-based freelance writer.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected