HSPD-12 Solution

For over 23 years, SafeNet has been a global leader in information security and a key security technology solutions provider to various state and federal government agencies. Widely deployed by the military, our solutions are also utilized to secure intra- and inter-bank transactions involving trillions of dollars daily. SafeNet is proud of its legacy of providing strong authentication solutions, such as smart cards and USB tokens, to both the public and the private sector.

Overview

The core requirement for “Homeland Security Presidential Directive 12,” or HSPD-12 as it is commonly referred to, is to implement a federal government-wide common and reliable identification verification system that will be inter-operative between all government agencies and serve as the basis for reciprocity between those agencies. Identity needs to be consistent across departments and agencies, and should be applicable across both physical and logical access. Acquisition and deployment of a FIPS Level 3-certified card, such as SafeNet's Smart Card 400, not only meets the needs of the core requirements of HSPD-12, they also provide market-leading capabilities, such as Advanced Encryption Standard (AES) and 64 EEPROM.

To meet the bare minimum requirements is a very risky approach. To deploy strong authentication for access, but not secure the periphery, can leave you vulnerable. Much like putting a $500 lock on the front door of a barn with an open back door and no fence – without a doubt, the horses WILL runaway - breaching your security.

Ensuring that an identity card is meaningful requires that user access levels are current and justifiably based upon user needs and the security policies in place. It is about managing the life cycle of a user and the card. You should be able to immediately suspend the access available to a user when the user's needs no longer justify it. You must be able to disable the card access when a card is lost. You must be able to repossess the card when an employee/contractor leaves the organization.

Non-repudiation (establishing accountability during forensics) requires that your employees identify themselves to the system in an irrefutable manner—achieving this through digital certificates requires a certificate management solution! Is it important to you that a lost laptop (one whose access you were so meticulously guarding) containing sensitive data does not put your agency's name in the newspaper? For this, you need SafeNet's Data at Rest Protection solution — by encrypting all of your data, this solution provides assurance that the data cannot be extracted and misappropriated.

As you can see, HSPD-12 is not about putting in one product and checking the compliance box. It is about a whole lot more!

• It is about putting in place a security policy that clearly defines how security will be enforced.
• It is about managing identity life cycles.
• It is about bringing together multiple best of breed products and resolving integration challenges.
• Finally, it is about leveraging this deployment to meet future security needs of the organization.

HSPD Interoperability Consortium

Seeking to help resolve the challenges that an organization faces as it sets out on the path of compliance, SafeNet has spearheaded the creation of an HSPD Interoperability Consortium. Comprised of 9 leading vendors in the security industry, the Consortium was founded to provide agencies and Systems Integrators with clarity concerning HSPD-12 compliance, a complete solution that is certified and interoperable, and to ensure that the solution is flexible so as to accommodate the future needs of the agencies.

SafeNet believes that HSPD-12, like any other security management project, requires a clearly defined path that gets you where you need to go today and offers you the flexibility to take you where you want to go tomorrow.