The SAFE Solution offers businesses of all types the ability to seamlessly manage their security processes from one central location – providing maximum security, compliance and ease of use.
The Business Challenge
The goal of PIV and PIV-I credentials is to provide secure means of identification and access for Federal Government employees and contractors. However, under HSPD-12, PIV cards are only issued to Federal employees or contractors who require routine access for 6 months or more. Moreover, given the high cost and inherent latency in issuance, PIV and PIV-I cards are not warranted for short-term contractors, interns, on-site vendors, unescorted visitors and even interim cards for full-time employees/contractors. As a result, federal agencies resort to issuing legacy credentials (badges) including one-time tokens, proximity, magnetic stripe and paper badges, incurring the additional cost of managing two infrastructures (system, process, staff) to manage the PIV as well as outdated credentials. Unfortunately these non-secure credentials aren’t held to the same rigorous standards as PIV/PIV-I cards and thus represent significant security vulnerabilities.
What federal agencies need is a cost-effective secure credential with quick time-to-issuance, which adheres to the rigorous standards/specifications of PIV/PIV-i, but need not be cross certified. The answer is a better, faster, cheaper PKI-based smart card solution – the Commercial Identity Verification (CIV) credential. The Smart Card Alliance has defined the CIV to be technically compatible with the PIV-I credential specification, allowing seamless use with the installed PIV and PIV-I access control infrastructure. This CIV is also seeing adoption in the commercial market, which can also benefit from higher assurance credentials used within the Federal Government.
SAFE for CIV Smart Card Solution is a software solution to manage the entire lifecycle of CIV cards, cardholders, associated PKI certificates, including printing, issuance and management of cards, and their enrollment into (physical and logical) access control systems with detailed audit and reporting.