DPSAC News Header

May 16, 2012 issue of the DPSAC NEWS
In This Issue
HHS ID Badge Rollout Scorecard
June 18, 2012 Deadline Fast Approaching for Mandatory HHS ID Badge Smart Card-&-PIN Login to ITAS
CIT Launches Site to Test HHS ID Badge Smart Cards
NED Training Schedule for May/June, 2012
Tools to Help You Implement HSPD-12
New Lifecycle Work Station Operator Training Guide Posted Online
Helpful Tips
FAQs
Safety Corner

   

 

Contact Us

 

Division of Personnel Security and Access Control

 

Personnel Security 

Helpdesk: 301-402-9755

e-QIP: 301-402-9735

Appointment Line: 301-496-0051

E-mail: orspersonnesecurity@ 

mail.nih.gov

 

Access Control

Helpdesk: 301-451-4766

E-mail: facilityaccesscontrol@ 

mail.nih.gov

 DHHS Logo gif   NIH Logo gif    ORS jpg

    

HHS ID Badge Rollout Scorecard

  

Here are the most recent NIH badging statistics provided by HHS as of May 11, 2012.  

 

Sponsored: 40,112    Enrolled: 39,049   Issued: 38,631*

 

*This figure represents 96.3% of individuals who have been sponsored.

            
5-11-12 Pie Chart

            
5-11-12 Excel table for IDBadge Rollout


June 18, 2012 Deadline Fast Approaching for Mandatory HHS ID Badge Smart Card & PIN Login to ITAS

 

As reported in a recent issue of DPSAC News, starting June 18, 2012, NIH will transition to mandatory use of the HHS ID Badge smart card and PIN (two-factor authentication) for everyone logging into the Integrated Time and Attendance System (ITAS). Logging into ITAS with a username and password will no longer be available to Windows users following this deadline.

 

Over 1,200 ORS staff recently participated in a pilot to test 'smart card login' with their HHS ID Badge and PIN. ORS's Information Technology Branch (ITB) reported few difficulties with the transition, with only a handful of individuals needing either smart card software updates, PIN resets or HHS ID Badge certificate renewals.  

 

The NIH is conducting additional pilot rollouts with the Office of the Chief Information Officer (OCIO) and the Center for Information Technology (CIT) to continue the learning process from the ORS pilot.  Lessons learned and best practices from these pilots will be shared with ICs to provide guidance on how best to introduce smart card login with the HHS ID Badge and PIN to the whole of NIH with as little inconvenience and interruption of work as possible.  

   

Note: the NIH has set a tentative deadline of March 29, 2013 to require all NIH employees, contractors and affiliates to use their HHS ID Badge smart card and PIN to access the NIH network on computers that run Windows.

 

Transitioning to a login policy that replaces username/password login with HHS ID Badge smart card/PIN login at NIH is part of the Federal government's continued implementation of HSPD-12 to safeguard the Federal community, information, systems, and facilities through identity certification and access management.

 

HHS Notifying Badge Holders to Renew their Digital Certificates    

To help ensure that everyone who needs to use their HHS ID Badge to access ITAS on June 18 can do so, the Department has begun notifying those with expiring digital certificates on their smart cards (HHS ID Badges) to contact their local Lifecycle Work Station operator to have their 'certs' renewed.

 

A directory of LWS operators is posted on the DPSAC website at: http://www.ors.od.nih.gov/ser/dpsac/badge/Pages/lifecycle.aspx.

 

ORS Adds Resources to Renew 'Cert' & Reset PINs     

The Office of Research Services (ORS) is working to acquire additional resources to assist individuals who need to renew their digital certificates and/or reset their PINs. As these resources become available, ORS will begin to communicate their availability to NIH ICs.

 

Most recently, ORS placed an LWS operator on site in Building 31, Room 1B37 for the sole purpose of renewing certificates or resetting PINs for anyone needing these services. Employees, contractors and affiliates can drop in at this location between the hours of 8:00 a.m. - 5:00 p.m. 

 

The June 18, 2012 ITAS deadline will be here soon. The HSPD-12 Program Office, DPSAC, the NED Team, the OCIO, and ORS are working together to make sure that this transition proceeds smoothly and with minimal inconvenience to the ICs and their employees.

 

See the FAQ section below for some common questions regarding the upcoming transition to two-factor authentication for ITAS login.  

 

If you have any questions, please feel free to contact the HSPD-12 Program Office at [email protected].  

 

 

CIT Launches Site to Test HHS ID Badge Smart Cards

 

The Center for Information Technology (CIT) has created a simple test site that allows people to try smart card login through a simulated iTtrust (NIH Login) page. You can confirm your PIN and check if your digital certificates on your HHS ID Badge are working. Visit the test site at: http://testmysmartcard.nih.gov.  

 

The testing process will also help individuals identify any issues with their smart card reader or the configuration of their computer.  

 

If an individual has forgotten their PIN or has expired certificates, they should arrange a visit with a Lifecycle Workstation (LWS) operator. All other issues should be reported to the NIH IT Service Desk. 

 

Computer classroom

NED Training Schedule for May/June, 2012

 

The HSPD-12 Program Office continues to offer free NED training for beginners and experienced NED users. Take this opportunity to quickly master NED in a hands-on computer lab environment. 

 

NED for Beginners     

 

    Date:      Tuesday, May 22, 2012

    Time:      9:00 a.m. - 12:00 p.m.

    Location: Building 12, Room B51

   

    Date:      Thursday, June 14, 2012
    Time:      9:00 a.m. - 12:00 p.m.
    Location: 6120 Executive Blvd, Room 6   

NED for Advanced Users     

 

    Date:      Tuesday, May 22, 2012

    Time:      1:00 p.m. - 4:00 p.m.

    Location: Building 12, Room B51

  

    Date:      Thursday, June 14, 2012

    Time:      1:00 p.m. - 4:00 p.m.
    Location: 6120 Executive Blvd, Room 6   

 

Contact Lanny Newman at [email protected] to reserve a space. In your e-mail, provide Lanny with your name and IC and which course you would like to attend. 

 

Tools to Help You Implement HSPD-12

 

Want to find out more about how you can prepare for the transition to two-factor authentication for logging into your computer and the NIH network?      

 

Visit: http://www.ors.od.nih.gov/ser/dpsac/Pages/Continued-Implementation-of-HSPD-12.aspx.   

 

There, you'll find a collection of tools and easy-to-use 'Get Smart Card Ready' guides on how to log in with an HHS ID Badge and PIN. Materials will be added to the site as they become available.   

 

 factorTwo-factor authentication defined: Two independent items of authentication are used to prove that the individual logging into the NIH network is an authorized user of the system.

  

The two items used are: (1) something the user has [e.g., the smart card (HHS ID Badge) or SecureID token]; and (2) something the user knows [e.g., the PIN associated with the smart card (HHS ID Badge)].

 

 

New Lifecycle Work Station Operator Training Guide Posted Online

An updated and expanded training guide for Lifecycle Work Station (LWS) operators has been posted to the ID Badge website at: http://www.ors.od.nih.gov/ser/dpsac/training/Pages/lifecycle.aspx.

The new guide, developed by the HSPD-12 Program Office, features illustrated, easy-to-follow instructions for logging into the LWS software, the PIN reset process and the certificate renewal process. The Guide is also posted under the 'What's New' section of the website's main page:
http://www.idbadge.nih.gov.

Helpful Tips


Online table of expiring digital certificates by IC now viewable only by ISSOs -- The directory that shows digital certificate expiration dates by IC has moved. These files, which were previously accessible to anyone who could log into http://smartcard.nih.gov/PKI_subscribers, are now viewable online only by ISSOs. AOs/ATs requesting this information from their IC's ISSO are asked to be patient since some ISSOs may not be able to login to Sharepoint and respond the same day.

 

A version of this report will also be made available to the IC HSPD-12 Implementation Points of Contact on the team SharePoint site.   

   

PIV SmartCard Access to myPay Now Available -- the Defense Finance and Accounting Service (DFAS) recently announced that starting April 30, 2012, individuals can use their HHS ID Badge smart card and PIN to access their myPay account.    

  

Continue to access myPay at  https://mypay.dfas.mil or through a link on the HHS Access Management System (AMS) home page: https://iam.hhs.gov/ams.

  

The first time you use this feature, you will need to click on the HHS PIV "SmartCard" login button on the myPay site and confirm your identity. The next time you visit myPay, just click on the "SmartCard" button to go directly to your account.
 

Where to go to reset your PIN -- check the Lifecycle Work Station (LWS) administrator directory posted at 

(http://www.ors.od.nih.gov/ser/dpsac/badge/Pages/lifecycle.aspx)  

to find an LWS operator from your IC. They can help you reset your PIN and/or update the digital certificates that reside on your smart card (HHS ID Badge). Check to see if an appointment is necessary.  

   

ICs that want to add LWS operators to the approved roster -- should send a written request to Richie Taffet at [email protected]. Once he has approved the request, he will forward the name(s) to [email protected] to complete the approval process, add the names to the LWS operators roster, and inform the IC that the individual is now approved to operate the IC's Lifecycle Work Station.    

  

Do not lend your HHS ID Badge (smart card) to anyone -- lending out your HHS ID Badge (smart card) is prohibited. The issuance of the new HHS ID Badge is based on strict identity proofing and the determination of one's suitability for a specific position classification. 

FAQs

ITASAnswers to some common questions about smart card (HHS ID Badge)/PIN login to ITAS:

 

Q. Will Blackberry users still be able to log into ITAS?

 

A. Yes. ITAS will continue to support username/password login on Blackberry devices.

 

 

Q. Are only Federal employees affected?

 

A. No. All ITAS users who have an HHS ID Badge (e.g., contractors who hold Timekeeper roles in ITAS) will need their HHS ID Badge and PIN to log in.

 

 

Q. What happens if a user requires access to ITAS but cannot successfully log in with their HHS ID Badge and PIN?

     

A. A temporary exemption process is under development to enable access if an individual has a legitimate reason for not being able to access ITAS by smart card login.

 

                                           ___

 

 

Q. In terms of logging into ITAS and the looming deadline for Federal employees having to use their smart card (HHS ID Badge), what will be the protocol for employees that don't have their HHS ID Badge yet?

 

A. For employees who don't yet have their HHS ID Badge, their ITAS coordinator will need to perform whatever tasks are necessary for that individual. Once the individual has been issued their badge, s/he will be able to enter ITAS information on their own.

 

Please note: Individuals with disabilities and individuals whose duty station is abroad are exempt from this requirement. No other exceptions will be considered since there will always be someone (an ITAS coordinator or alternate) who will be able to perform these tasks on the person's behalf.

 

   

Q. I'm part of the ORS pilot that is required to use my HHS ID Badge and PIN to login to my computer and the NIH network. When I received notification that my password was about to expire and that I should renew it, I ignored the message thinking I wouldn't be needing my password anymore. When my password did expire, however, I found that I was locked out of my computer. What's going on?

 

A. Everyone who is transitioning away from username/password to HHS ID Badge smart card/PIN login will still need to update their password when they receive an e-mail notification that their password is about to expire. Otherwise, they will be locked out of their computer until they have updated their password, even though they may not be using their password for login.

 

Once the individual has updated their password, they will be able to log in with their HHS ID Badge and PIN. Everyone will need to continue to update their expiring password for the time being.

 

 

Q. How long will this password requirement last before it is discontinued?

 

A. According to the Office of the Chief Information Officer, as long NIH continues to use username/password authentication with Active Directory (AD), the password change policy will apply. AD will not allow you to login to a computer (with or without a PIV card) if your password is expired. This policy is expected to remain in effect for at least 2 more years.

 

 

Q. I know that the digital certificates in my HHS ID Badge smart card are up to date, but when I try to log in to the NIH network nothing happens. Any suggestions?

 

A. Yes. You should first try to log in using another computer and card reader. If you are able to log on successfully, it's likely that your card reader is broken or dirty. Your IC's IT department should be able to provide you with a new card reader.  

 

If you're still unable to log in, you should stop by the DPSAC Badging office where a badge issuer can diagnose the problem. If your badge is broken, you will be issued a new one.

 

 

Q. Who can I talk to about purchasing additional LWS units for my IC? 

 

A. If your IC wishes to purchase one or more LWS units, it should direct inquiries to: [email protected]. They can also be reached by phone at: 571-249-2273.

 

Note: The purchase agreement for these units has expired and a new one is currently being negotiated at the Department (HHS) level. In the meantime, DPSAC is working to establish a new purchasing contract and will inform the ICs as soon as it becomes available.  

 

 

Safety Corner

  

Be Prepared for a Fire Emergency in Your Workplace!

This article was prepared by the Division of the Fire Marshal, Office of Research Service

   

The following steps will help ensure you are prepared and ready to take action if a fire emergency were to occur in your workplace.   

  

  • Post the fire department emergency phone number by your phone. When on the NIH Bethesda campus, dial 911 from an office phone (or 301-496-9911 from a cell). For off-campus NIH facilities dial 9-911 from an office phone (or 911 from a cell phone).
  • Locate the nearest fire alarm manual pull stations from your work area and know how to operate them.
  • Know the sound of your building fire alarm system so you know when to take action if your building fire alarm system is activated.
  • Know at least two ways out of your work area.
  • Familiarize yourself with the building you work in so you know how to evacuate the building from wherever you are in the building.
  • If you have a disability, participate in the Occupant Emergency Organization for your building. Discuss in advance with the Division of Emergency Preparedness and Coordination, Emergency Planning Coordinator (Phone: 301-496-1985) what assistance you will need to alert you and to help you leave your work area and get to a safe location.

  

If you have any fire safety issues or questions, please contact the Division of the Fire Marshal, Office of Research Services at: 301-496-0487.  

  

For occupant evacuation planning issues or questions, please contact the Division of Emergency Preparedness and Coordination, Office of Research Services at: 301-496-1985.     

 

A biweekly e-newsletter from the Office of Research Resources, Division of Personnel Security and Access Control (ORS/DPSAC) to keep you informed as NIH rolls out "Homeland Security Presidential Directive 12" (HSPD-12) establishing a common identification standard to better safeguard NIH and its workforce.