| Having trouble reading this newsletter? Click here to see it in your browser. You are receiving this newsletter because you signed up from our web site. Click here to unsubscribe. |
 |
 |
|
Contents 
Contact Us Division of Personnel Security 
|
|
This is the July 1, 2009 issue of the DPSAC NEWS Happy and Safe July 4th !!! AOs – Helping Mend Broken Links When Running Renewal Tasks in NED As an AO you’re likely to encounter the following scenario: You’re running a badge renewal task for an individual and you send out an e-mail notification for the individual to update his/her personal information. When the individual opens the e-mail and clicks on the link to update the personal information, s/he gets an error message. The NED team is aware of the issue and is working on a permanent solution. In the meantime they offer these two work-arounds: If you are receiving an error when clicking on the link, and you are logged into the NIH network, you can try one of two things: 1) Make sure that all instances of your Internet browser are closed. If you are using Internet Explorer as your browser, then start the application, select Tools, Internet Options, and click on the buttons to ‘Delete Cookies’ and ‘Delete Files.’ If you are using Mozilla Firefox as your browser, start the application, select Tools, Clear Private Data, put a checkmark next to Cookies, click on ‘Clear Private Data Now,’ close the application and click on the link in the e-mail. OR 2) Go to https://ned.nih.gov/ned and log in using your network account and password. Click on the Inbox and click on the green arrow to run the Badge Renewal task. Do *not* select ‘Update My Record.’ NED is only compatible with Internet Explorer and Mozilla Firefox on the PC, or Apple Safari and Mozilla Firefox on a Mac. According to the NED team the link will only work within the NIH Network and is valid for seven days. They also note that this problem is occurring only for “renewals” and not for “new” NED records. Parental Permission Is Mandatory for Summer Students Under Age 18 Summer Students under the age of 18 must complete a version of Form HHS-745 that contains a parental permission section. This form can be found at: http://idbadge.nih.gov/badge/docs/BadgeRequestFormStudent.pdf ; it is also available in the Summer Student processing guide posted on the ID Badge website: http://idbadge.nih.gov/badge/students.asp. Once the form, including the parental permission section, is completed, fax it to the NIH Police at 301-480-7840 so that they can conduct a “name check,” which can usually be completed within 3-5 days, and very often sooner. • AOs/ATs planning to schedule the deactivation of a NED record for a person who is leaving NIH should enter an effective date one day BEYOND that person’s last day of service. NED processes scheduled deactivations at 6 a.m. on the effective date. Thus, entering the person’s last day of service as the effective date will result in NED deactivation and disabling of their ID badge and account a day early. Scheduling deactivation for the day after the final date of service will allow the individual to use his/her badge to gain entry to the NIH campus and to access his/her computer files on their last day of service. • Effective June 22, NED started generating badge renewal tasks 60 days prior to badge expiration rather than 45 days. If you missed the e-mail message from Jeff Erickson, NED Project Manager, explaining this change, please click on the following link: Jeff's E-Mail. • Summer Students need to go to the South Lobby of the Clinical Center (Building 10) to be processed for their ID Badges. If you advise incoming Summer Students, please direct them to the South Lobby of the Clinical Center for badging. Also, please note that the Building 31 Enrollment Center in 1B03 and the Police Department in B3B04 are not equipped to issue badges to Summer Students. • Protecting Your New HHS ID Badge from Damage -- Always keep your new badge in the special “magnetically opaque” badge holder provided to you during your badge issuance appointment. Do NOT punch holes in your card for any reason since this action will disable the antennae embedded in the card’s perimeter. Without a functioning antenna, your card will not be able to communicate with the proximity reader to signal the gate or door being controlled by that reader to open. • Protecting Your Badge Holders from Damage -- DPSAC is receiving reports of badge holders (single card only) breaking where the holder attaches to the lanyard clip. To avoid problems, DPSAC suggests NOT using metal clips or key rings to secure the hard plastic badge holders. Flexible rubber or plastic clips tend to work best. If you need to replace your badge holder, you can stop by the ID Badge Issuance Station (B4B03) any time. DPSAC will be happy to provide you with a new badge holder. • Using Your New Badge Holder -- To open a gate or door controlled by a proximity reader, you will need to slide the HHS ID Badge about half way out of the holder so that the antennae embedded in your ID Badge can communicate with the proximity reader. Once the antennae are clear of the protective sleeve, the proximity reader can retrieve the data on your ID Badge and signal the gate or door to open. • Revised instructions for Card Reader Installation -- The NED team recently published new instructions for installing the card reader for the new HHS ID Badge. When your IT Specialist installs your new Card Reader, s/he should follow the instructions spelled out in the attached document (click on: Card Reader Installation) While all IT specialists should have received these new instructions, some may not have seen them. Please pass this information along to the specialist when s/he comes to install your reader. Make sure you are able to access NED using your new HHS ID Badge , card reader and PIN before your IC IT specialist leaves your office. • Getting Help with your new HHS ID Badge Card Reader -- If you have been issued your HHS ID Badge and card reader and are having problems with your reader, please contact the NIH IT Helpdesk: http://ithelpdesk.nih.gov/ or 301-496-4357 (6-HELP) (local); 866-319-4357 (toll free); 301-496-8294 (TTY). • Remember to take two forms of appropriate identification when you go to enroll. Suitable forms of ID include your driver’s license, your NIH ID Badge, your passport, and other I-9 documents. Library and credit cards are NOT acceptable forms of ID for enrollment purposes. • Would you like to refer to an earlier issue of DPSAC News? Go to the http://idbadge.nih.gov homepage and click on 'DPSAC Newsletter' where you’ll find all past issues. Harnessing the power of a solid identity management system can substantially improve your company's risk management posture "In August 2004, not long after the Department of Homeland Security was formed, the Bush administration issued Homeland Security Presidential Directive 12, or HSPD-12. The directive noted the wide variations in security and identification capabilities among agencies, and it set out to create standards for managing the identities of government employees and Federal contractors and their access to both physical facilities and data systems. Like most identity management projects, the concept is simple and straightforward: Put some biometric data on cards, issue the cards to everyone who needs any form of access to Federal facilities and systems, and in the process enable better sharing of data while taking an important step toward keeping the truly bad guys out. The goal was to develop HSPD-12 standards in months, and then implementing them throughout the government, again in months. As anyone who has endeavored to implement a massive federated identity management system can tell you, the directive's timetables were, to say the least, naive. The various departments had varying degrees of interest and budget to actually implement the directive. The technology was immature, particularly in the face of the millions of Federal employees and contractors who would be subject to it. And everything from doorways to databases and applications all had been previously conceived with no thought of a unified identity management system--meaning virtually all required a retrofit. By October 2007, anyone with fewer than 15 years on the fed payroll was supposed to have an ID card. Not a single agency met that deadline. The Office of Management and Budget and the General Services Administration got more serious about the program and by mid-2008 reported that 97% of the more than 5 million employees and related contractors had their cards. Agencies have since been retrofitting and conducting background checks. HSPD-12 offers some important lessons for private-sector companies. First, success requires both top-level buy-in and IT-level commitment. It took cooperation between the OMB and GSA to jump-start the program for many Federal departments. Second, there's a fundamental value to thinking big here. Our surveys show that private-sector companies have some form of identity management--66% have it for employees--but we tend not to do much with it once we have it. For instance, only 28% use their identity management systems for cryptographic signing of e-mails, and just 32% show any interest in digital rights management--the uses that can substantially improve your risk management posture. The other lesson to take from the feds is that while a grand vision is needed, the rollout of the technology will take a good bit of department-by-department hand-holding. In an environment where more and more critical and sensitive data is being accessed ever more broadly, for a variety of legitimate business uses, the granularity of control provided by a solid identity management system will often prove indispensible." Q. One of our AOs completed the enrollment process (i.e., she was fingerprinted and photographed) about 10 days ago. She is wondering why she hasn’t received an e-mail notification to complete e-QIP. Did she overlook her e-mail, or is the process different for other AOs? A. Your AO should not be concerned. She can expect to receive her e-QIP notice within the next several days. Note that e-QIP is a separate process and does not affect the badge issuance process. Given her enrollment date and the current backlog of badges being processed and printed by the off-site badge manufacturer, I would expect her new PIV Badge to arrive within the next two weeks. We apologize for the delay, but it is unfortunately out of our control. Thank you for your patience.
Q. My IT technician installed my smart card reader this morning. When I later attempted to log in to NED using my new HHS ID Badge and card reader, I received an “Access Denied” message. What should I do? A. At the time the card reader is installed, the AO should make sure that the IT technician verifies that it is possible to log in to NED using the new HHS ID Badge, card reader and PIN. If the card reader is installed correctly, you should not be receiving an error message. As noted above, IT technicians should have received the updated instructions for installing the card reader, but just in case s/he didn't, you may want to share these new installation instructions by clicking on the following link: Card Reader Instructions. Alsok if you experience problems with your reader, please contact the NIH IT Helpdesk: http://ithelpdesk.nih.gov/ or 301-496-4357 (6-HELP) (local); 866-319-4357 (toll free); 301-496-8294 (TTY).
A. Your badge is working fine. Remember, a proximity reader pulls information off your HHS ID Badge via the antennae embedded in your badge. Since your badge holder is “magnetically opaque” and is designed to block signals from your badge, it cannot be “read” until its antennae are exposed. Slide your badge halfway out of the badge holder. This will expose the antennae to signal the reader to open the door or gate.
A. Your question is shared by many other veteran NIH employees. It turns out that it is a requirement set forth by the Office of Personnel Management (OPM) that the OF-612 and the OF-306 be filled out even though you are completing the e-QIP questionnaire. Unfortunately, OPM will return the application if all the requisite forms are not completed and submitted to them. Only after they are in receipt of all completed forms will they complete the background checks. No exceptions. Sorry. The two forms can be found at the following links: http://forms.cit.nih.gov/adobe/personnel/OF306.PDF; http://security.nih.gov/PIV/PDFs/OF612.pdf A biweekly e-newsletter from the Office of Research Services, Division of Personnel Security and Access Control (ORS/DPSAC) to keep you informed as NIH rolls out "Homeland Security Presidential Directive 12" (HSPD-12) establishing a common identification standard to better safeguard NIH and its workforce. |
|