Last month, we released our HID PIV solution, which provides complete identity lifecycle management--from identity proofing plus secure credential issuance and use, to deprovisioning of credentials. The PIV, Personal Identity Verification, standard was created in reaction to the United States government’s Policy for a Common Identification Standard for Federal Employees and Contractors. The objective was to improve the identification and authentication of Federal employees and contractors for access to Federal facilities and information systems – which would make it easier for employees to access what they need and make government agencies more secure.
PIV has been around for years, since 2005 in fact. So why did HID decide to release a new solution now? There were a few factors driving the need for something different. The inherent complexity associated with procuring, deploying, and managing the systems which deliver all the required functions might require products from 5-12 different vendors. This created a huge integration and support burden for IT.
Second, there is a renewed interest in government agencies and those that support them to improve their security posture in reaction to recent attacks and breaches. The National Institute of Standards and Technology has established guidelines with four Levels of Assurance, with 4 being the most stringent. Level of Assurance 4 (LoA4) demands increased identity proofing requirements, multi-factor authentication for logical/IT access, and the use of FIPS 140-2 certified hardware cryptographic tokens. Many organizations are now mandated to deploy LoA4 compliant solutions for their most sensitive authentication needs. The following visual shows how these standards fit together.
As you can see, even though the initial standards were developed by the US government, there are many applications for corporations and non-government organizations as well – especially in highly regulated industries like defense contractors, critical infrastructure, and healthcare .
HID Global is in a unique position to address both these requests. Due to the breadth of our portfolio, we already had the solutions that covered most of the secure identity credential lifecycle – from establish and create, to use and manage. We could add an identity proofing solution, HID PIV IDMS (Identity Management System), and then further integrate this and our other solutions to provide easier implementation and simpler on-going management.
In addition, HID Global is a leader in secure credential convergence – or the use of a single credential to access physical facilities and IT systems, networks, and applications. This makes access easier and more convenient for the user, therefore allowing them to be more productive, while maintaining and often increasing the security of the things that need to be protected.
But we’ve gone one step further by incorporating our Quantum Secure Safe Software Suite into our HID PIV Enterprise version. SAFE is a physical identity and access solution that is a bridge between disparate physical and IT security systems. The SAFE Platform Suite allows HID PIV Enterprise to facilitate easier movement between different physical sites without sacrificing overall security.
To learn more about HID PIV, visit www.hidglobal.com/hidpiv.