Feds start small on smart ID cards

Computerworld - Several federal agencies said they will meet an Oct. 27 deadline for starting to issue smart ID cards to workers, but some of the initial rollouts will involve only a small number of cards.

Several federal agencies said this week that they're ready to start distributing smart ID cards to workers by Oct. 27, as mandated by a directive issued in 2004 by President Bush. But some of the initial rollouts will be very small and will focus solely on controlling access to buildings  not IT systems.

For instance, the U.S. Social Security Administration became at least technically compliant with the directive this week when it issued one of the new ID cards to Commissioner Jo Anne Barnhart. SSA spokeswoman Kia Green said the agency expects to hand out more cards in the coming weeks but is "still in the process of finalizing the details." She added that the SSA hopes to issue cards to all of its employees and contractors by the end of September 2008, which is the deadline for doing so.

Another agency that said it will meet this week's deadline in a small way is the U.S. Environmental Protection Agency. The EPA plans to issue the so-called personal identity verification, or PIV, cards to "a small handful" of employees, said spokesman Dale Kemery. But he added that because of budgetary and technical considerations, making the ID cards available across the 18,000-worker agency will be "a fairly long rollout." He declined to provide more details.

Matt Neuman, director of business development at Jacob & Sundstrom Inc., a Baltimore-based systems integrator that is helping the SSA with its smart-card implementation, said that many agencies appear to be ready to meet "the letter of the law, if not the spirit of the law" on issuing the PIV cards. "But it at least shows that everybody is focused on it," he said.

The use of PIV cards for verifying the identities of all federal workers and contractors was mandated by Homeland Security Presidential Directive 12. The unfunded HSPD-12 mandate specified that agencies adopt a common identification credential for access to both government facilities and computer systems.

The Oct. 27 deadline and an earlier one calling on agencies to develop procedures for verifying the identities and backgrounds of all workers by last October were both considered exceptionally aggressive because of funding issues and the technology and process changes that are required.

Robert Langston, director of the office of security and emergency planning at the U.S. Department of Housing and Urban Development, said last week that HUD hopes to begin producing fully functional PIV cards by Wednesday "and then continue to do so for all new employees and contractors from that point forward."