Challenges

The Federal Emergency Management Agency (FEMA) provides the foundation for disaster planning and response in the United States when local and state government agencies require support. Now part of the Department of Homeland Security, FEMA’s headquarters is in the heart of the nation’s capital, bustling with activity, and is considered one of the busiest federal facilities. The Washington, D.C. office is visited by hundreds of people each day, with a high number of cross-over visits from other federal agency employees.

With the advent of HSPD-12 and OMB M-11-11, FEMA began the process of leveraging the full capabilities of Personal Identification Verification (PIV) credentials now in the possession of 4.5 million federal employees and contractors.

In late 2010, Tyco Integrated Security, Federal Systems Division, began working with FEMA to execute a two-phase process of registering its employees’ PIV cards into its enterprise-wide physical access control system (PACS). Next, it deployed a new web-based visitor management system to electronically validate visitors’ PIV cards and provide an electronic visitor audit-trail.

“What FEMA is doing sets them apart,” said Don Woody, Senior Technology Manager, Federal Systems Division with Tyco Integrated Security, who directed the deployment at FEMA’s Washington, D.C., facility. “By streamlining its visitor management process, FEMA now has a high-assurance credentialing system that is seamlessly integrated to its PACS, is HSPD-12 compliant, and reduces manpower required to process, track and escort visitors.”

Solutions

FEMA streamlined its PIV registration process by using HID Global’s pivCLASS Registration Engine and several dedicated workstations to read, validate, authenticate and automatically register each FEMA PIV card into its existing PACS. Now, the process to register a fully-vetted PIV card into the PACS takes less than 30 seconds.

Results

The new visitor management system allows for web-based pre-authorisation of visitors. When guests from another agency arrive in the lobby and they present their PIV card to the security officer or lobby attendant, the PIV credential is placed into a smart card reader. The visitor then enters the card’s PIN on a pin pad and if it matches the PIN encoded on the PIV credential the cardholder is prompted to match their fingerprint biometrically. After a match, the system checks the PIV card’s digital certificate against the certificate authority revocation list to ensure the card is not revoked.

After the full electronic validation process, the visitor is granted permission to enter the facility. In addition, the visitor’s PIV card can be registered into FEMA’s PACS, if needed for future visits.

“FEMA is one of the few government agencies that has standardised its access control system and is using the full electronic capabilities of its PIV credentials,” said Geri Castaldo, vice president, Business Development, Federal Identity with HID Global. “Becoming HSPD-12 and OMB M-11-11 compliant doesn’t have to be a daunting process and FEMA is an example of a success story.”

Download HID White Paper: Best practices for integrating mobile into the access control architecture now!

Download PDF version Download PDF version

In case you missed it

Anviz Global expands palm vein tech for security
Anviz Global expands palm vein tech for security

The pattern of veins in the hand contains unique information that can be used for identity. Blood flowing through veins in the human body can absorb light waves of specific wavelen...

Bosch sells security unit to Triton for growth
Bosch sells security unit to Triton for growth

Bosch is selling its Building Technologies division’s product business for security and communications technology to the European investment firm Triton. The transaction enc...

In age of misinformation, SWEAR embeds proof of authenticity into video data
In age of misinformation, SWEAR embeds proof of authenticity into video data

The information age is changing. Today, we are at the center of addressing one of the most critical issues in the digital age: the misinformation age. While most awareness of thi...