• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Project of the Week
  • About Us
    SEARCH
Compliance

The Future of Federal Access Control Systems

Systems integrators in the government sector must provide for the needs of the customer as well as compliance guidelines, says SIA GovSummit pundits.

October 26, 2017 Mickey McCarter Leave a Comment

The success of future federal access control systems for government agencies will depend a lot on the systems integrators equipped to handle those jobs, experts agreed during a panel at the SIA GovSummit, held June 29 at The Liaison Capitol Hill in Washington, D.C.

Tim Smith, chief technology officer, Chenega Integrated Security Solutions, said success lies in understanding complex guidance as well as the vision of the customer.

“You have to have a clear idea of what your end state is,” said Smith, presenting as a systems integrator working for a variety of agencies across the federal government. “One of the things we try to do as an integrator is reach out to both ends and try to close the requirements gap so that the end users understand …are buying the right kind of Chevy, as it were.”

“From a compliance standpoint, we need to make sure the changes an organization wants to do is something that is vectored toward an end state of strong credentials for access control. That’s what it boils down to.” — Tim Smith at the 2017 SIA GovSummit.

Qualifications for Systems Integrators in Federal Access

Guidance for implementation of Federated Identity, Credential and Access Management (FICAM) requires “a mechanism to assess the identity management standards against applicable federal requirements, policies and laws,” according to the U.S. government. And the FICAM road map understands that agencies cannot get there overnight.

“You don’t have to rip everything out. As long as you have a clear idea of the end state and what the system has to do,” Smith added. “It has to provide a strong credential to provide appropriate access based on user characteristics. You have to ask, what do I currently have? And how do I get there in phases?”

Ultimately, the federal government seeks to centralize physical access control systems (PACS) much as it does other IT services, Lenel’s Ryan Kaltenbaugh, vice president, Federal Government Solutions, explained to conference attendees hosted by the Security Industry Association (SIA).

“In the physical world, we fail to really think through how we automate compliance to security policy and control access to thousands of doors in a government enterprise just in the way we control access to thousands of applications on a network. So to me, FICAM means everything from end to end. It’s not just the credential or the PACS,” Kaltenbaugh said.

The Credit Card Analogy for Federal Access

Smith used an analogy of new Visa credit cards with chips, widely adopted in the United States only in the past few years. The chip cards are replacing old swipe cards because they offer stronger authentication, Smith said. It may be “a pain in the butt” to wait a few seconds longer when you are in the checkout line at Target, but the result is significant reduction in cybercrime related to credit card fraud.

“That’s what we are trying to bring to access control in federal facilities,” Smith said.“There’s a lot going on in that federal access control decision, but what you get for it is that we know who this person is and whether they have access to that particular door.”

Most recently, the U.S. National Institute of Standards and Technology (NIST) issued guidance in the form of SP 800-63-3, Digital Identity Guidelines, on June 22 to “provide technical requirements for federal agencies implementing digital identity services.” NIST and the U.S. Office of Management and Budget (OMB) are working closely to promulgate the guidance across the federal government, tying implementation to budgets.

The goal is to manage risk as a federal enterprise where individual agencies must take into account the interconnectedness of all agencies, said Joe Stuntz of the OMB Cyber and National Security Unit during SIA GovSummit. PACS systems are IT systems.

The most recent NIST guidance rescinded 57 disparate requirements as the federal government streamlines, Stuntz said. The goal is to ease the burden on agencies and their systems integrators as they manage installation of access control systems that comply with federal guidance. An overall policy, consolidated into one set of regulations, will become available for public comment in the near future.

Implementing Guidance for Systems Integrators

As a study in how to bring it all together, William Windsor, deputy director of the Enterprise Integration and Compliance Office with the Office of the Chief Security Officer (CSO) at the U.S. Department of Homeland Security (DHS), offered insights into how his department is implementing guidance during the SIA GovSummit.

The DHS CSO has responsibility for working with component CSOs within the department to ensure PACS are in place and that those systems are compliant with requirements of the DHS chief information officer. The resulting DHS PACS Modernization effort brings together all stakeholders for a gap analysis that will require the ultimate approval of the DHS Secretary.

Systems integrators who successfully partner with DHS on federal access control systems projects will have a deep understanding of these requirements, which strive to be “agnostic” as to prescribing a specific solution, Windsor said. But success for DHS also depends on a specific reality—the cost of specific solutions. So it seems while measures of successful implementation may change over time, some considerations will always remain the same.

Learn more about the SIA GovSummit here.

 

This article was originally posted on sister site Commercial Integrator.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: Access Control, Regulations

Related Content:

  • White House AI Regulations, ChatGPT, Generative AI 5 Things You Need to Know About the…
  • DDoS, NETSCOUT Arbor Insight 7 Layers of DDoS Attacks and How To…
  • cyber-attack-skull Spike in Cyberattacks Exposes Vulnerabilities in University Security…
  • Google, Bard Google: Bard Now 30% Better at Computation-Based Problems

Free downloadable guide you may like:

  • ChatGPT, generative AI, enterprise, workplaceBlueprint Series: ChatGPT and Generative AI in the Workplace

    This latest release of the TechDecisions Blueprint Series explores the new phenomenon of tools such as ChatGPT and how IT leaders should go about deploying generative AI in their organizations.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Contact Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSYour Privacy ChoicesTERMS OF USEPRIVACY POLICY

© 2025 Emerald X, LLC. All rights reserved.