NIH is a Valuable Place with Valuable People: We Need to Protect it! Cyber threat is one of the most serious economic and national security challenges.

Slides:

Advertisements

Similar presentations

For Joe Broghamer Philip S. Lee May 5, 2005 Implementing PIV Specifications HSPD-12 Workshop.

Advertisements

June 27, 2005 Preparing your Implementation Plan.

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

Status of U.S. Smart Card Deployment Jim Dray Porvoo 7/ World eID Meeting May 2005.

Mobile Devices in the DoD

Single Sign-On and Federated Authentication at NIH and Beyond

Security for Mobile Devices

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.

Red Flag Rules: What they are? & What you need to do

Brian Epley, VA PIV Program Manager

HIPAA Security Standards Emmanuelle Mirsakov USC School of Pharmacy.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

Chapter 10. Understand the importance of establishing a health care organization-wide security program. Identify significant threats—internal, external,

The Federation for Identity and Cross-Credentialing Systems (FiXs) FiXs ® - Federated and Secure Identity Management in Operation Implementing.

15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

Public Key Infrastructure (PKI) Hosting Services.

Department of Health and Human Services Personal Identity Verification Training APPLICANT.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

“Personal Identity Verification (PIV) of Federal Employees and Contractors” October 27, 2005 Homeland Security Presidential Directive 12 (HSPD-12)

Department of Labor HSPD-12

STOP.THINK.CONNECT™ NATIONAL CYBERSECURITY AWARENESS CAMPAIGN SMALL BUSINESS PRESENTATION.

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

U.S. Department of Justice Drug Enforcement Administration Office of Diversion Control Electronic Prescriptions for Controlled Substances Michelle Ferritto,

Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.

Office of the Chief Information Officer EFCOG Annual Meeting Fred Catoe (IM-32) U.S. Department of Energy.

FIT3105 Smart card based authentication and identity management Lecture 4.

Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.

E-Authentication: What Technologies Are Effective? Donna F Dodson April 21, 2008.

I DENTITY M ANAGEMENT Joe Braceland Mount Airey Group, Inc.

NASA Personal Identity Verification (PIV) NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Chapter 10: Authentication Guide to Computer Network Security.

Federal CIO Council Information Security and Identity Management Committee IDManagement.gov FICAM Testing Program and Approved Products List (APL) Overview.

RSA Security Validating Users and Devices to Protect Network Assets Endpoint Solutions for Cisco Environments.

HSPD-12 and FIPS-201 Overview v Learning Objectives At the end of this course, you will be able to: Describe Homeland Security Presidential Directive.

Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

NIH Policy Manual 2811 Policy on Smart Card Authentication iTrust Forum Mark L. Silverman December 10, 2009

Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,

Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B6 Information Security.

© 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker.

NAPHSIS REAL ID Overview June 6, 2007 In support of this key requirement,

Patient Data Security and Privacy Lecture # 7 PHCL 498 Amar Hijazi, Majed Alameel, Mona AlMehaid.

Eliza de Guzman HTM 520 Health Information Exchange.

HSPD-12 Identity Management Initiative Carol Bales Senior Policy Analyst United States Office of Management and Budget North American Day 2006.

HSPD-12 and the Personal Identity Verification (PIV) System Procurement Briefing by Corrine Irwin January 2008.

Working with Health IT Systems Protecting Privacy, Security, and Confidentiality in HIT Systems Lecture b This material (Comp7_Unit7b) was developed by.

28 th International Traffic Records Forum Biometrics/SmartCard Workshop 28 th International Traffic Records Forum August 4, 2002 Orlando, Florida.

Working with HIT Systems

PMC Update on Cyber Sprint June 18, Overview: 30-Day Cyber Sprint 1.Interagency Cyber Sprint Team: Launched June 11 and executing against the.

1 Federal Identity Management Initiatives Federal Identity Management Initatives David Temoshok Director, Identity Policy and Management GSA Office of.

Best Practices in Enterprise IAM Liza Lowery Massey Montana Government IT Conference December 6, 2007.

Access Control / Authenticity Michael Sheppard 11/10/10.

Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.

Case Study: Applying Authentication Technologies as Part of a HIPAA Compliance Strategy.

Security Systems | ST/SRM3-NA | 4/6/2016 © 2016 Robert Bosch LLC and affiliates. All rights reserved. 1 Ensure data security in a hyper-connected world.

Instructions for the Access Card Utility 1.2 Self-service renewal of your HHS digital certificates using your Windows computer US Department of Health.

HHS Security and Improvement Recommendations Insert Name CSIA 412 Final Project Final Project.

OFFICE OF VA ENTERPRISE ARCHITECTURE VA EA Cybersecurity Content Line of Sight Report April 29, 2016.

INFORMATION ASSURANCE POLICY. Information Assurance Information operations that protect and defend information and information systems by ensuring their.

Advanced Planning Brief to Industry Jerry L. Davis DAS, Office of Information Security June 9, 2011.

ORNL is managed by UT-Battelle for the US Department of Energy Multifactor Authentication June 15, 2016.

Increasing Information and Data Security in Today’s Cybersecurity World 2017 Conference Review 6/6/2017.

Summary Physical Access & Time and Attendance PC/Network Access

Introduction to the Federal Defense Acquisition Regulation

E-Authentication: What Technologies Are Effective?

HIMSS National Conference New Orleans Convention Center

NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop December 14, 2006.

Presentation transcript:

NIH is a Valuable Place with Valuable People: We Need to Protect it! Cyber threat is one of the most serious economic and national security challenges that we face as a Nation. Implementing HSPD-12 is part of building a secure digital infrastructure to strengthen NIH’s defenses against data theft and security breaches, and to protect our research, our patients and our information. Your HHS ID Badge provides an easy and standard way to encrypt sensitive information, making it safer for you to share information with the right people and only the right people. NIH employees, affiliates, and contractors can work remotely in a secure manner as an HHS ID Badge and the PIN provide a simple and secure way to access the NIH network from any location. ONE Card, ONE PIN. When this initiative is fully implemented, all you need to access the NIH network and facilities is your HHS ID Badge and your PIN that you never have to change. The security of DHHS’s information systems is a top priority in the area of risk management. Compliance with HSPD-12 is part of improving our security policies and procedures and mitigating this risk. What is Happening? The NIH is changing the way we access information systems and the network by transitioning away from usernames and passwords to smart card authentication with our HHS ID Badges (PIV card). Two-factor authentication (something you have, like a your HHS ID Badge, and something you know, like a PIN) was recently enforced for VPN remote access, and will next be enforced for the Integrated Time and Attendance System (ITAS) and direct access to the NIH network. US Department of Health and Human Services National Institutes of Health The Continued Implementation of HSPD-12 Securing NIH’s Network and Facilities The Continued Implementation of HSPD-12 Securing NIH’s Network and Facilities Mark These Milestones June 18, 2012: Smart card authentication, with your HHS ID Badge and PIN, will be required to access ITAS on Windows computers. Username and password access to ITAS will still be supported for Blackberry devices and Mac computers. March 29, 2013: Smart card authentication, with your HHS ID Badge and PIN, will be required to access the NIH network on government furnished Windows computers. Mac computers and scientific and emergency equipment will be exempt at this time. Note: To balance available resources, ICs have interim completion target dates between now and March June 27, 2014: Smart card authentication will be enforced for all physical access and electronic validation of non-HHS ID Badges. What is HSPD-12? The Homeland Security Presidential Directive 12 (HSPD-12) is a government-wide mandate to safeguard the Federal community, information, systems, and facilities through identity certification and access management. HSPD-12 mandates a Federal standard for secure and reliable forms of identification such as our HHS ID badges. NIH has made significant progress with HSPD-12 our HHS ID Badge issuance, and now will leverage that investment with the use of its smart card authentication capabilities for both physical and logical access for all NIH resources. This investment will provide NIH with added protection against today’s cyber threats. More Information about HSPD-12 at NIH Please visit or for more information. Resources to support your IC are also available at: