1 / 7

Information & Updates April 2012

Information & Updates April 2012. HSPD-12 at NIH. HSPD-12 is a government-wide mandate to safeguard the Federal community, information, systems and facilities through identity certification and access management.

zitomira
Download Presentation

Information & Updates April 2012

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Information & Updates April 2012

  2. HSPD-12 at NIH • HSPD-12 is a government-wide mandate to safeguard the Federal community, information, systems and facilities through identity certification and access management. • HSPD-12 requires the use of smart cards such as an HHS ID badge (PIV card) to gain access to Federal facilities (physical access) and networks (logical access). • NIH is currently focused on transitioning to the use of smart cards to access NIH information systems and networks. This is an important initiative at NIH because the security of our information systems has been identified as a top priority area of risk. • Complying with HSPD-12 is part of NIH's risk mitigation strategyas the use of smart cards and two factor login (something you have, like your smart card, plus something you know, like your PIN) is more secure than single factor login (a username and password). • Ultimately, complying with HSPD-12 will strengthen NIH’s defenses against data theft and security breaches and help to protect our research and patients. Continued Implementation of HSPD-12 at NIH

  3. Upcoming Milestones • NIH recently completed the first phase of this initiative on February 29, 2012 when the mandatory use of two-factor authentication for VPN remote access was implemented. • We are currently working towards the next two milestones: June 18, 2012: The Integrated Time and Attendance System (ITAS) will require smart card authentication from Windows computers. An HHS ID Badge (a type of smart card) and PIN will be needed to log in and the option to use a username and password will go away. Note: Username and password access to ITAS will still be supported for Blackberry devices and Mac computers. March 29, 2013 (with interim dates based on IC size): Smart card authentication will be required to access the NIH network on government furnished Windows computers. An HHS ID Badge and PIN will be needed to log in or else the computer will log a user off the machine. Macs, scientific and emergency equipment are excluded at this time. Note: This will be phased-in between now and March 2013 in order to balance available support resources. Continued Implementation of HSPD-12 at NIH

  4. Logical Access Roll-out ScheduleWith New ITAS Phase

  5. What is Needed for Smart Card Authentication • An HHS ID Badge (“PIV”) is a type of smart card that can be used to log in to the NIH network and systems like ITAS. • There are five key elements that users will need in order to successfully login. Specific information about each of these items which can be shared within your communities is available from the following website: http://www.ors.od.nih.gov/ser/dpsac/Pages/Continued-Implementation-of-HSPD-12.aspx • Additional support material will be posted to this site as it becomes available so please check it often. Continued Implementation of HSPD-12 at NIH

  6. Next Steps: What is Happening Now for ITAS & Network Lockdown Unions • The HSPD-12 Program Team is working with Employee and Labor Relations on the impacts to employees and the bargaining units. Pilots • ORS, OCIO, and CIT are currently participating in pilots and providing us with important lessons that will inform the roll-out to all of NIH. Preparation of Support Services • Training and user guides for the NIH Service Desk, IC Service Desks, and IC Lifecycle Workstation operators are underdevelopment. Resource Management and Self-Service • Shared support resources like the NIH Service Desk and Badge Issuance Stations have limited capacity. • Self-service at both the individual and IC level are a critical component of the roll-out strategy. • This includes Lifecycle Workstations (LWSs) which are owned and operated by ICs, and a new desktop certificate renewal module which can be installed on an individual’s computer. This module is in final testing and will be made available soon. • Training for LWS operators and testing of the module are currently underway. Communication Planning • A full Change Management / Communications plan is being developed to support all of the stakeholders impacted by this program.

  7. Next Steps: How ICs Can Start Preparing for ITAS & Network Lockdown • Card Readers • Make sure card readers are installed on machines, starting with FTEs, so users are able to test and use their HHS ID Badges for smart card login. • Lifecycle Workstations (LWS) • Primary responsibility for PIN resets and cert renewals will be IC-owned LWS’. • LWS Operators received a message on April 19 regarding the upcoming milestones and their role in this transition. • Training is being refreshed for LWS Operators and is available at: http://www.ors.od.nih.gov/ser/dpsac/training/Pages/lifecycle.aspx • A complete list of NIH LWS Operators can be found at: http://www.ors.od.nih.gov/ser/dpsac/badge/Pages/lifecycle.aspx • It is recommended that LWS Operators save and publish blocks of time when they will be available to support PIN resets and cert renewals for individual within their IC as well as individuals from other ICs that are co-located • Please note: LWS machines cannot issue badges. • If an individual has a stolen or lost HHS ID Badge, their AO who must submit a new badge request, via the NIH Enterprise Directory (NED), to the Division of Personnel Security and Access Control (DPSAC) which oversees badge issuance. If an individual has a broken badge, they should go directly to DPSAC. • On-campus DPSAC support: http://www.ors.od.nih.gov/ser/dpsac/about/Pages/hours.aspx • Remote location support: http://www.ors.od.nih.gov/ser/dpsac/resources/Pages/satellite.aspx

More Related