DPSAC News Header

May 2, 2012 issue of the DPSAC NEWS

In This Issue
HHS ID Badge Rollout Scorecard
ORS Launches First NIH Pilot to Test HHS ID Badge Smart Card Login to the NIH Network
NIH to Require HHS ID Badge Smart Card and PIN for ITAS Login Starting June 18, 2012
NED Training Schedule for May/June, 2012
New Lifecycle Work Station Operator Training Guide Posted Online
PSC Regional Offices Now Offer Enrollment, Badge Issuance and Certificate Renewal Services to NIH Pe
Helpful Tips
FAQs
News Briefs

   

 

Contact Us

 

Division of Personnel Security and Access Control

 

Personnel Security 

Helpdesk: 301-402-9755

e-QIP: 301-402-9735

Appointment Line: 301-496-0051

E-mail: orspersonnesecurity@ 

mail.nih.gov

 

Access Control

Helpdesk: 301-451-4766

E-mail: facilityaccesscontrol@ 

mail.nih.gov

 DHHS Logo gif   NIH Logo gif    ORS jpg

    

HHS ID Badge Rollout Scorecard

  

Here are the most recent NIH badging statistics provided by HHS as of March 30, 2012.  

 

Sponsored: 40,101    Enrolled: 39,090   Issued: 38,885*

 

*This figure represents 96.5% of individuals who have been sponsored.

            
4-27-12 Pie Chart for 5-2-12 DN Issue

            
4-27-12 Excel Sheet for 5-2-12 DN

ORS Launches First NIH Pilot to Test HHS ID Badge Smart Card Login to the NIH Network

 

Smart Card Login Coming to NIH!

On April 12, 2012, ORS became the first group at NIH to participate in a pilot to test 'smart card login' with an HHS ID Badge and PIN to access the NIH network.   

  

Transitioning to a login policy that replaces username/password login with HHS ID Badge smart card/PIN login at NIH is part of the Federal government's continued implementation of HSPD-12 to safeguard the Federal community, information, systems, and facilities through identity certification and access management.

 

As reported earlier in DPSAC News, NIH has two key milestones around this effort:

 

  1. June 18, 2012: Smart card authentication with the HHS ID Badge and PIN will be required to access the Integrated Time and Attendance System (ITAS) from Windows computers. Username and password access to ITAS will still be supported for Blackberry devices and Mac computers.         

      2.  March 29, 2013 (tentative): Smart card authentication will be

           required to access the NIH network on government furnished  

           Windows computers. Macs and scientific or emergency  

           equipment will be excluded at this time. To balance available  

           resources, ICs will have staggered target completion dates

           between now and March 2013.

 

Lessons learned from the ORS pilot will help develop a recommended framework for implementing the second milestone, smart card login on Windows computers across NIH.

 

ORS Pilot Process

In advance of the rollout, all ORS employees, contractors and affiliates who turned on their computers were greeted with the following popup message: 

 

Smart Card Warning Message 1     

On April 25, the over 1,200 ORS staff participating in the pilot received an e-mail from ORS Director Dr. Alfred Johnson notifying them that,  

 

"Starting tomorrow, you must use your HHS ID Badge (PIV card) to log in to your computer. If you try to log in with your username and password the following message will appear and you will be logged off:

 

 

 Smart Card Login Required

 

Please note that all bargaining unit employees, tenants, and individuals without an HHS ID Badge are exempt from this pilot and will not be affected at this time."

 

The e-mail went on to describe how to use an HHS ID Badge to log on to computers running on Windows 7, Vista or XP as well as how to get help if needed.

 

On April 26, 2012 smart card login went live for ORS with all participating staff required to use their HHS ID Badge and PIN to log in. Username and password login was discontinued.   

 

Lessons Learned

Feedback from ORS's Information Technology Branch (ITB) about the pilot indicated that very few individuals experienced difficulty with this transition.  

 

ITB attributed the success of the pilot to the cooperative efforts between a prepared ORS workforce, the HSPD-12 Program Office, DPSAC, CIT and ORS's Desktop Support Professionals. Only a handful of individuals needed either smart card software updates, PIN resets or HHS ID Badge certificate renewals.  

 

Additional pilot rollouts are planned over the next several weeks with the Office of the Chief Information Officer (OCIO) and the Center for Information Technology (CIT) to continue the learning process from ORS.  

Lessons learned and best practices from these pilots will be shared with ICs to provide guidance on how best to introduce smart card login with the HHS ID Badge and PIN to the whole of NIH with as little inconvenience and interruption of work as possible.  

 

For more information about HSPD-12 at NIH, please visit: http://smartcard.nih.gov or http://idbadge.nih.gov. Materials you can use to communicate about this change within your IC are available at: http://www.ors.od.nih.gov/ser/dpsac/Pages/Continued-Implementation-of-HSPD-12.aspx .

 

 

                 

NIH to Require HHS ID Badge Smart Card and PIN for ITAS Login Starting June 18, 2012

Reprinted from DPSAC News, April 18, 2012

 

The NIH is changing the way its workforce accesses information systems and the network. As reported recently in DPSAC News, the first phase of this logical access implementation was completed on March 1, 2012 when two-factor authentication was required for VPN remote access. The NIH is currently working towards the next two milestones:

 

1. June 18, 2012: all Federal employees will be required to use their HHS ID Badge smart card to access the Integrated Time and Attendance System (ITAS). Logging into ITAS with a username and password will no longer be available following this deadline.

 

2. March 29, 2013 (tentative): the entire NIH community (employees, contractors and affiliates) will need to use their HHS ID Badge smart card to access the NIH network on personal computers that run Windows. A computer will log a user off if a smart card is not used to login.

 

This continued implementation of the Homeland Security Presidential Directive 12 (HSPD-12) mandate is designed to safeguard the Federal community, information, systems, and facilities through identity certification and access management.

 

To ensure that all Federal employees will be able to successfully use their HHS ID Badge to access ITAS, the HSPD-12 Program Office will soon begin notifying Federal employees who need to reset their PINs or renew the digital certificates on their HHS ID Badges to visit their local Lifecycle Work Station (LWS) Operator.

 

To view the complete list of LWS Operators at NIH, please visit the DPSAC website: http://www.ors.od.nih.gov/ser/dpsac/badge/Pages/lifecycle.aspx.

   

Please be aware that the LWS Operators in your IC will soon begin receiving requests from the employees in your IC for assistance to reset PINs and/or renew digital certificates.  

 

In addition to LWS Operators, the Office of Research Services (ORS) is working to acquire additional resources to assist employees in renewing digital certficates and resetting PINs. As these resources become available, ORS will begin to communicate their availability to NIH employees.

  

The June 18, 2012 ITAS deadline will be here soon. The HSPD-12 Program Office, DPSAC, the NED Team, the OCIO, and ORS are working together to make sure that this transition proceeds smoothly and with minimal inconvenience to the ICs and their employees.

 

If you have any questions, please feel free to contact the HSPD-12 Program Office at HSPD-12@mail.nih.gov.

 

Computer classroom

NED Training Schedule for May/June, 2012

 

The HSPD-12 Program Office continues to offer free NED training for beginners and experienced NED users. Take this opportunity to quickly master NED in a hands-on computer lab environment. 

 

NED for Beginners     

 

    Date:      Tuesday, May 22, 2012

    Time:      9:00 a.m. - 12:00 p.m.

    Location: Building 12, Room B51

   

    Date:      Thursday, June 14, 2012
    Time:      9:00 a.m. - 12:00 p.m.
    Location: 6120 Executive Blvd, Room 6   

NED for Advanced Users     

 

    Date:      Tuesday, May 22, 2012

    Time:      1:00 p.m. - 4:00 p.m.

    Location: Building 12, Room B51

  

    Date:      Thursday, June 14, 2012

    Time:      1:00 p.m. - 4:00 p.m.
    Location: 6120 Executive Blvd, Room 6   

 

Contact Lanny Newman at newmanl@mail.nih.gov to reserve a space. In your e-mail, provide Lanny with your name and IC and which course you would like to attend. 

 

New Lifecycle Work Station Operator Training Guide Posted Online

An updated and expanded training guide for Lifecycle Work Station operators has been posted to the ID Badge website at: http://www.ors.od.nih.gov/ser/dpsac/training/Pages/lifecycle.aspx.

The new guide, developed by the HSPD-12 Program Office, features illustrated, easy-to-follow instructions on logging into the LWS software, the PIN reset process and the certificate renewal process. The Guide is also posted under the 'What's New' section of the website's main page.

US Map Blue from Brad - decreased size from word

PSC Regional Offices Offer Badge Issuance, Enrollment, and Certificate Renewal Services to NIH Personnel 
 

The NIH has contracted with the Program Support Center (PSC) to offer badging services at its Regional Offices to NIH personnel located around the country. This arrangement provides a solution for individuals when traveling to DPSAC's facilities in Bethesda or other satellite locations would be impractical.  Services include the following:

  • Enrollment (identity proofing, fingerprinting & photo capturing)
  • Badge issuance (HHS ID Badge printed and sent by DPSAC) 
  • Badge renewal (HHS ID Badge printed and sent by DPSAC) 
  • PIN resets
  • Certificate renewals

Click here to view a listing of PSC Regional Office locations and contact information as well as guidelines for obtaining HHS ID Badge Enrollment, Issuance and Maintenance services at these sites.*

 

Since PSC Regional Offices do not have the capability to print the HHS ID Badges (PIV Card) on site, individuals will have to make two trips to the PSC regional office - one trip to complete the enrollment process and a second to complete the issuance process and pick up the badge.*

 

Note: Individuals must call ahead for an appointment with the PSC Regional Administrative Manager (RAM) in the region closest to their office.

 

* Travel costs will not be borne by DPSAC.

 

Helpful Tips

 

AOs and ATs -- please don't change an individual's position information unless it is required. Instances that call for changing the person's position information include: a promotion or a transfer to a new position; when the information for an individual was entered incorrectly the first time.  

 

DPSAC recommends that if at any time you have a question about the appropriate Position Information to enter for an individual, you should contact the individual's Supervisor, Project Officer or DPSAC.

 

When you update the Position Information in NED and a different sensitivity level is calculated, a new background investigation request is sent to DPSAC. This new request cancels the previous background investigation and forces the individual and DPSAC to start over.  

 

Note: previous information entered and saved in e-QIP will still be available.   

 

View individual digital certificate expiration dates by IC -- the 'cert' expiration dates are posted at: http://smartcard.nih.gov/PKI_subscribers.htm. The first bullet on that page shows an NIH Smart Card Badgeholders Excel sheet (see the 2nd tab at the bottom of the spreadsheet) that includes 'Cert Expiration Date.'  

 

Where to go to reset your PIN -- check the Lifecycle Work Station (LWS) administrator table (posted at: http://www.ors.od.nih.gov/ser/dpsac/badge/Pages/lifecycle.aspx) to find a trained LWS operator from your IC. These individuals will be able to help you reset your PIN and/or update the digital certificates that reside on your HHS ID Badge Smart Card.

   

ICs that want to add LWS operators to the approved roster -- should send a written request to Richie Taffet at taffetr@mail.nih.gov. Once he has approved the request, he will forward the name(s) to HHSIdentityAdmins@deloitte.com to complete the approval process, add the names to the LWS operators roster, and inform the IC that the individual is now approved to operate the IC's Lifecycle Work Station.    

  

Do not lend your HHS ID badge (smart card) to anyone -- lending out your HHS ID Badge (smart card) is prohibited. The issuance of the new HHS ID Badge is based on strict identity proofing and the determination of one's suitability for a specific position classification. 

FAQs


Q. One of our LWS Operators has had a name change.  She has a new SMTP, but her phone number has not changed. She's been issued a new HHS ID Badge smart card but the new smart card is not working in the LWS laptop.  Is there something more that needs to be done subsequent to the name change so she can perform PIN resets with us this week?'

 

A. Yes. You will need to inform Richie Taffet, HSPD-12 Program Manager, of this change. He will pass along the new information to the HHS Identity Administrator. You will be notified once the change is made in their system, at which time your LWS operator should be able to use her LWS laptop with her new HHS ID Badge.

 


Q. I know that the digital certificates in my HHS ID Badge smart card are up to date, but when I try to log in to the NIH network nothing happens. Any suggestions?

 

A. Yes. You should first try to log in using another computer and card reader. If you are able to log on successfully, it's likely that your card reader is broken or dirty. Your IC's IT department should be able to provide you with a new card reader. If you're still unable to log in, you should stop by the DPSAC Badging office where a badge issuer can diagnose the problem. If your badge is broken, you will be issued a new one.

 

 

Q. Who can I talk to about purchasing additional LWS units for my IC? 

 

A. If your IC wishes to purchase one or more LWS units, it should direct inquiries to: HHSIdentityAdmins@deloitte.com. They can also be reached by phone at: 571-249-2273.

 

Note: The purchase agreement for these units has expired and a new one is currently being negotiated at the Department (HHS) level. In the meantime, DPSAC is working to establish a new purchasing contract and will inform the ICs as soon as it becomes available.  

 

 

Q. TwoWhat is dual- or two-factor authentication?

 

A. With dual- or two-factor authentication, two independent items of

authentication are used to prove that the individual logging into the NIH network is an authorized user of the system.

  

The two items used are: (1) something the user has [e.g., the smart card (HHS ID Badge) or SecureID token]; and (2) something the user knows [e.g., the PIN associated with the smart card (HHS ID Badge)].

 

News Briefs

PIV SmartCard Access to myPay Now Available

The Defense Finance and Accounting Service (DFAS) sent out the following notification on April 9, 2012. 

   

Beginning April 30, 2012, you can use your [HHS ID Badge smart card]  to access your myPay account.*   

 

It makes using myPay easier - no need to enter your login ID and password. Continue to access myPay at https://mypay.dfas.mil or through a link on the HHS Access Management System (AMS) home page https://iam.hhs.gov/ams.

 

The first time you use this feature, you will need to click on the HHS PIV "SmartCard" login button on the myPay site and confirm your identity. The next time you visit myPay, just click on the "SmartCard" button to go straight to your account.*

 

Frequently asked questions:

Q. Why should I use my [HHS ID Badge smart card] to access myPay?*

A. Using your [HHS ID Badge smart card] is a good idea for two reasons:

 

     1. It's easy. PINs are easier to remember, and you never have to  

         change your PIN.

 

     2. It helps HHS improve security as part of implementing HSPD-12.

 

Q. What if I am logging in from home or do not have a PIV SmartCard?

A. Don't worry. You'll still be able to access myPay using your myPay

    credentials.

 

Q. What do I need in order to log in to myPay through AMS?

A. Any [NIH] employee with an HHS ID Badge smart card and a smart  

     card reader can access AMS and the myPay link quickly and securely.  

 

AMS Login: Contact the ONE DHHS Help Desk at: 1-888-ONE-DHHS (1-888-663-3447).

 

*  The HHS ID Badge is a form of Personal Identity Verification (PIV)  

    smart card.  

 
A biweekly e-newsletter from the Office of Research Resources, Division of Personnel Security and Access Control (ORS/DPSAC) to keep you informed as NIH rolls out "Homeland Security Presidential Directive 12" (HSPD-12) establishing a common identification standard to better safeguard NIH and its workforce.