Four Ways Identiv Can Help You Follow OMB Best Practices
By Steve Dunlap, President, Thursby Software Systems (an Identiv Company)
On March 22, 2020, the Office of Management and Budget (OMB) issued a memorandum (M-20-19) in response to the national emergency for COVID-19, directing agencies to use the breadth of available technology capabilities to fulfill service gaps and deliver mission outcomes. And we’re happy to report Identiv’s suite of products supports many of the best practices set forth by the OMB — all of which will help keep your data and your organization safer and more secure during this time of increased teleworking.
1. Remote Printing and Signing
The memorandum indicates that “agencies should consider leveraging digital signature capabilities offered by other federal agencies to meet any technological capability gaps.”
Thursby’s Sub Rosa suite of products provides users with the ability to edit and sign PDF documents from their iPhone, iPad or Android phone or tablet, using their CAC, PIV or derived credential. Additionally, users can access two-factor websites; sign, encrypt and decrypt emails; view, edit and create calendar events.
Thursby’s Sub Rosa suite of mobile apps has more than 200,000 users and has enabled bring your own device (BYOD) movements within the United States Air Force, Navy and just about every other federal agency. Such movements have given users the ability to deliver and receive digital information and access essential services anytime, anywhere and on any device. This level of remote connectivity is essential in enabling users to mobilize at a moment’s notice while simultaneously retaining the ability to stay connected and secure.
2. Alternative PIV Credentialing
According to the memorandum, agencies may make a risk determination and issue an alternate credential/authenticator for PIV eligible personnel due to the inability to collect biometrics (e.g., fingerprints) at this time.
Identiv offers a variety of alternate credentials/authenticators that can be used for physical access systems when biometrics are not a safe option. From cloud-based to on-prem, these solutions are scalable and easy to change as business needs evolve.
3. Facilitating Personnel Productivity in a Remote Environment
Also, the memorandum states: “Agencies are encouraged to leverage agency approved collaboration tools and capabilities to the greatest extent practicable.” With this directive in place, it is important for users to recognize there are a wide variety of solutions on the market today that specialize in providing secure access from anywhere, but one size does not fit all. Both native and third-party tools for web access and email, the two most common needs of an employee on their mobile device, are either completely absent or lack the features needed for an enterprise deployment. Luckily, as manufacturers have pivoted to focus on product development as well as cybersecurity, they have developed a series of solutions to meet these challenges.
For Identiv, that meant developing an entire suite of different applications that provide users with the ability to use two-factor authentication to access websites and to sign, encrypt and decrypt email (S/MIME). Setting employees up for success remotely requires more than simply downloading an app on a device. Employers should vet all potential options to ensure they are making selections with cybersecurity in mind.
4. Managing Physical Access to Facilities
According to the memorandum, when managing physical access to facilities, agencies should prepare to accommodate personnel who are issued a new PIV credential or that receive a PIV certificate update during their absence from federal facilities and who might need to re-enroll their PIV in the physical access control system (PACS) for access to the facility.
Hirsch Velocity offers an SDK to connect with providers who offer remote PIV provisioning through an authoritative data source. Agencies can process mass re-enrollment and updates remotely through the SDK connection. This would require an additional interface to be created. This also assumes the PACS system can be accessed from an outside network or via a VPN connection.
Whether users need to open an email or simply connect to the internet, it is important to take into account federal recommendations for maintaining cybersecurity. Luckily, Identiv has your back. Our products and technology platform always strive to reflect and anticipate the environment our customers are facing, both in terms of technical requirements and functional capabilities. Businesses need to leverage the best, most cost-effective technologies in their systems at all times — especially right now.
Contact Identiv today to see how we can work together to get you there.