Still lost as to what you need to do to ensure your access to JPAS in January 2012?  External Certificate Authority (ECA) Public Key Infrastructure (PKI) is the 3rd option for logging into JPAS. 

You need ECA PKI if you do not have or qualify for a Common Access Card (CAC) -- provided by military/government agency, or a Personal Identity Verification (PIV) -- provided by a government agency.

The Defense Manpower Data Center (DMDC) the office maintaining JPAS offers the following Frequently Asked Questions and Answers:

• DCO Joint Personal Adjudication System PK-Enabling Presentation on 08/26/2011
• JPAS PKI FAQs
• JPAS PKI Technical FAQs
• Obtaining Future JPAS Logon Methods, ver. 3.1

Basically the above links tell you that there are 3 approved vendors for ECA PKI: IdenTrust Inc., Operational Research Consultants, Inc., and VeriSign, Inc. (now Symantech).  Originally the instructions were to tell the Vendor that you required a FIPs 140 compliant smart card and either a Medium Hardware Assurance or a Medium Token Assurance Certificate.  Due to the fact that one of the authorized vendors (VeriSign) was unable to provide the requested FIPs 140 compliant smart cards we are now allowed to use USB Tokens.

The only difference between the Medium Hardware Assurance or a Medium Token Assurance Certificates is:

• Medium Hardware Assurance -- Identity verified by a Trusted Agent (~200 in world for all 3 companies)
• Medium Token Assurance -- Identity verified by a notary

Tip for NCMS Members -- IdenTrust, Inc. has authorized a 20% discount for NCMS members using the link under the member's section of the NCMS webpage.

Remember that if you have not started the process of obtaining your ECA PKI smart card/token by October 31st you are in danger of losing access to JPAS in January 2012 -- it takes approximately 6 weeks to complete the process.

Comments or feedback on this article?  Email ajsconsulting@earthlink.net.

Changing bulls after 3-4 years is standard practice when you are breeding.  Recently we

had an opportunity to purchase a black Watusi bull and so we had to retire our current bull -- Pugsley (pictured on the Left).  This opportunity included the chance to trade a couple of heifers (~ 6 months old each) for several bales of hay and we did so gladly. 

Receiving the new bull seemed easy -- we just put him in the East Pasture and closed the gate.  Conveniently forgetting that the recently replaced fence to the South left a gap open between the East Pasture and the West Pasture, we began the process of attempting to herd the two heifers into the corral and running them through the ramp into the waiting trailer.  After finally loading the heifers and completing our transaction, we left for lunch and to cool down before bringing Mom out to see her new bull.

Upon our return, we found both bulls in the corral eating on the fresh bale of hay.  There did not seem to be any animosity between them -- thankfully.  The next day, Pugsley went to his new home and Cookie (pictured to the Right),  began the process of asserting himself and gaining credibility with the rest of our herd.

Whether you experience upper level management changes, regular staff rotations (like cross-training), new hires, layoffs, or terminations; personnel security requires you as the FSO to be aware of changes before they happen or soon enough afterwards to avoid any negative ramifications.

Negative results can include:

• Failing to de-brief an individual and indicate the loss of access in JPAS and any other Access Lists
• Can result in loss or compromise of classified information either at a facility being visited by a former employee or due to others not realizing the individual no longer has access and has been reassigned to other duties
• Individual does not know that they no longer have access and thus continues to attempt to access information
• New C-Level Executive is a foreign national and now your cleared facility has FOCI issues that may or may not be resolvable while is in this key position

As FSO, you may also be able to determine during the debriefing process if the individual will be a possible threat because of the circumstances requiring the debriefing and be able to suggest protective measures or alternatives to upper management.

Knowing that new personnel coming in at any level, whether rotating in or coming in brand new, will have to build credibility with the rest of the staff, you as the FSO can sometimes assist the individual in recognizing this fact or in providing the individual the opportunity to earn the needed credibility -- especially if this person is on the Security Team.

Remember that personnel security is more than just maintaining clearances and can include protection of staff and facility as well.

Interested in more information like this?  Have a suggested topic you would like to see addressed?  Email ajsconsulting@earthlink.net.