Making Sense of Alphabet Soup

The need for regulatory compliance is impacting the practice of security more than ever before. The ongoing development of new laws and standards requires security directors to maintain a high level of education and knowledge simply to remain ahead of the...


How PIAM can help: PIAM software can help address compliance with rigorous physical identity management requirements of high-security government buildings across a disparate infrastructure of security systems.

OMB M-11-11 requires that an agency’s existing logical access control systems be upgraded to align with the FICAM Guidelines for PIV usage, and validate and use PIV cards issued outside a given agency.

How PIAM can help: To address these three requirements, PIAM software provides processes to manage the intersection of digital identities, various credentials and physical identities into a comprehensive policy-based management approach. It streamlines and consolidates disparate systems into a single and centralized FICAM-aligned, integrated and auditable system. Software provides a one-step policy-based approach to manage and enroll PIV cardholders, including biometric/biographic data capture from the PIV card, into various physical access control systems (PACS). Lifecycle management of the PIV card in PACS including activation, status inquiry, lost/stolen cards, provisioning and revocation, expiration and so on can all be managed centrally. Moreover PIAM is the missing ingredient in legacy federal PACS systems, which connect the authoritative and trusted data sources for identities and PIV attribute to PACS to ensure security and achieve the target state for a modernized physical security system.

PIAM software can also analyze risk and compile key data across the physical security infrastructure. Integrated infraction management can automatically trigger notifications and/or change access privileges. The software can define, audit and enforce Segregation of Duty (SOD) policies across the physical infrastructure. It can manage risk levels associated with persons of interest (POI), based on lists of physical identities that are potential threats to an organization along with their risk profile and historical details. Customized assessment reports covering global locations can be provided to a single Web console; and daily, weekly and monthly operational reports can be generated automatically to provide security practitioners with information to optimize staffing, budgeting and other resources.

For government, financial, healthcare and many other industries, security requirements demand a comprehensive security infrastructure that includes both the physical and logical security spectrums. PIAM effectively addresses the challenges with best practice processes that reduce both costs and risks.

 

Ajay Jain is President and CEO of Quantum Secure. Request more info on the company at www.securityinfowatch.com/10214753.