Private sector sees barriers to new identification system

Federal agencies are at risk of missing an October deadline for implementing a new employee and contractor identification card system that meets requirements in a presidential directive, private sector information technology firms said in response to a recent survey.

More than three-fourths of the private sector IT officials surveyed by the Bedford, Mass.-based company RSA Security Inc. said they believe that for agencies to successfully implement Homeland Security Presidential Directive 12 (HSPD-12), the Oct. 27 deadline for starting to issue badges must be extended.

An Office of Management and Budget spokesman said Monday that extensions have not been granted, and Jeanette Thornton, OMB senior policy analyst for HSPD-12 and e-authentication, said Tuesday she is not aware of any extension requests.

The survey, the results of which RSA released Tuesday at the 5th annual Smart Cards in Government Conference in Arlington, Va., captured responses from 44 officials representing 25 government-serving IT companies. Seventy percent of respondents cited a lack of transition plans for helping noncompliant agencies meet the mandate's requirements.

The survey also found that many of the firms do not believe agencies view HSPD-12 as an opportunity to lay the foundation for longer-term identity and access management.

Shannon Kellogg, RSA's director of government and industry affairs, said the responses show that agencies have made HSPD-12 a moderate priority. Private sector firms also are experiencing confusion and funding questions, he said.

A lack of interoperability among systems was identified by 59 percent of respondents as the largest obstacle to implementation. One quarter said political issues, such as existing agency hierarchies, are the largest obstacle, while 7 percent pointed to financial issues.

In February, the Government Accountability Office (GAO-06-178) found that six agencies -- the Defense, Homeland Security, Interior, Housing and Urban Development and Labor departments, and the National Aeronautics and Space Administration -- face "significant challenges" in meeting the directive.

Randy Vanderhoof, executive director of the Smartcard Alliance, an industry-led group working to speed up the use of high-tech credentialing, told Government Executive last week that agencies' ability to meet the deadline varies.

"Some agencies sat on their hands and did absolutely nothing over the past two years and are now saying they can't meet it," Vanderhoof said. "Others have been working hard to get their policies and systems in line."

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.