Most products have an expiration date and credentials are no exception. Businesses using technology that are 10, 20, or 30 years old now face security vulnerabilities that could expose critical information to hackers.
Convergint, partnered with HID Global, can implement the HID PIV (Personal Identity Verification) solution to address credentials challenges by leveraging the same government-strength security solution that has already been deployed to more than seven million people globally. Organizations benefit from the ecosystem created by this large footprint, with many applications, operating systems, and devices supporting the PIV credentials.
The HID PIV Solution
PIV ensures the right people have access to the right things – and only the things they need to do their jobs – by enabling the following:
- Identity Proofing: A streamlined process for identity establishment with an integrated identity management system that works with popular authoritative, sources captures state/national ID, collects and stores biometric data, connects to external background check systems, and provides a way to include final reviews.
- Lifecycle Management: Once the identity is verified, the system facilitates the issuance of the credential, and then leverages a credential management system for on-going management and provisioning – including PIN, unlock updates, and credential replacement and/or termination.
- Physical Access: When the credential is a card, it can be used for physical access to the organization premises, including the ability to require step-up challenges. In the Enterprise version, HID PIV can also automatically provision and de-provision user access to the organization’s physical access systems.
- IT System Access: The same credential can be used to authenticate to many IT applications.
- Advanced Use Cases: The credential can also be used to digitally sign emails or documents, decrypt emails or files, deliver full disk encryption and boot protection, protect print jobs with secure printing, and many other functions.
Once an applicant has been authorized, this solution will securely issue that credential and manage its lifecycle. The credential itself can be in the form of a FIPS 140-2 certified smart card or USB key with embedded secure element. The smart card can be contact-only or dual interface (contact and contactless), which can be printed to include a facial image, personal information and/or organization logo.
In addition to issuing and managing smart cards and USB keys, this solution can manage virtual and software credentials which are better suited for mobile computing devices such as tablets and smart phones. The credential typically contains digital certificates and the corresponding private keys, user data, and an optional one-time password generator for legacy applications.
A key component of HID PIV is the credential management solution, which securely manages the lifecycle of the credential, including PIN unlock, certificate updates, replacement of lost or stolen credential, and termination. All updates can be done remotely in a highly secure fashion so that branch offices, remote or traveling employees, and partners are serviced without requiring them to be physically present, saving time for employers and contractors.
Contact us to learn more about the PIV solution from Convergint and HID Global.