Are you not sure what level of access security a Federal facility needs? You are not alone. The OMB, NIST, ISC, FISMA and ICAM all have issued a myriad of guidance regarding PIV strong authentication. With no single source providing a comprehensive path, many find that following the requirements can be a challenge.
However, with the guidance from the White House and DHS in OMB 11-11 in 2012 and the GSA Procurement Language for “Enabling Strong Authentication with Personal Identification Verification (PIV) Cards, dated June 24, 2013 it is clear that all Agencies should specify use of PKI Card Readers that provide for Level 2 “SOME” assurance in 1-Factor mode and Level 3 “HIGH” Assurance in 2-Factor mode.
Designing for Level 1 where there is “NO” assurance in the PIV Card being presented for access is simply not in step with future guidance. For example, the ICAM road map emphasizes using the traditional CHUID read only in “extremely low risk areas.”
To learn more about whether you building needs high assurance, order BridgePoint’s White Paper that provides an overview of the entire HSPD-12 program from the Presidential Mandate in 2004 to ICAM in 2011. You can order your copy at HSPD-12 White Paper.