Securing new opportunities in the government security sector

A guest commentary from Jeff Huggins, ASSA ABLOY's director of government programs
Wednesday, August 1, 2018

Government contracts on any level—be they federal, state or municipal—can be complex. And in no other industry is the complexity more prevalent than in security. Whether it is in the systems that protect the networks where data lives, or the physical security components that protect the building and people within, the requirements and expectations for security dealers and integrators taking on government contracts are incredibly high.

Typically, when asked to discuss subjects pertinent to security issues, I begin with solutions—the products that address particular challenges an industry is facing. However, when it comes to the government sector, I feel it is paramount to start with recommending that those in the security industry develop strong, meaningful and trustworthy partnerships to help navigate the specifics.

To reduce complexity, you need a strong team not only in your own business, but surrounding you in the form of partnerships. That means integrators must be closely connected with dealers they trust and be communicating constantly with manufacturers with whom they can build a long-term relationship. To ensure the continued success of winning these government contracts, every party must be on the same page with the requirements and regulations for these projects.

A Recent Example

My personal experience is in the world of doors, openings and door hardware products that provide the physical barriers and access control components for government facilities. In that field, the federal government’s Identity, Credential, and Access Management (FICAM) program coordinates the implementation of security protocols that manage, monitor and secure access to these facilities and the way they handle access control. While these mandates are designed to increase security, they also come with considerable opportunity for those looking to install, supply and work with government entities.

Many of the changes come as a result of the increase in security since the Sept. 11 attacks. With the creation of the Department of Homeland Security in 2003, a mandate was put in place to unify identity and authentication infrastructure for all federal employees and contractors.

The result of this push is the 2005 introduction of the FIPS 201 Personal Identity Verification, or PIV, requirements for federal employees and contractors. We are now at a point where new and existing access control systems, both physical and logical, are expected to support these PIV requirements along with other FICAM processes.

Today, every federal employee and contractor is issued a PIV ID Card.

The standard specifies the architecture and technical requirements for a common identification standard for federal employees and contractors. The overall goal is to achieve appropriate security assurance for multiple applications by efficiently verifying the identity of individuals seeking physical access to federally controlled government facilities and logical access to government information systems.

Regulations also provide technical guidance and recommendations for the use of PIV Cards in Physical Access Control Systems (PACS), enabling federal agencies to operate as government-wide interoperable enterprises.

What You Should Know

For manufacturers, these new regulations mean providing a full range of access control locks that support these PIV capabilities, offering government facilities an easy, affordable way to expand their PACS.

For integrators, dealers or anyone else working directly with the government end user, this means knowing exactly what PIV and PACS means, knowing what products can be used that meet the requirements, and knowing exactly how far into the facility a PIV-enabled device can be installed.

Understanding the use and potential application of a broad range of locks allows integrators to offer government facilities the ability to enforce strong authentication protocols at the main entry points into the building and extend their PACS to interior openings at a lower cost by using WiFi or PoE network infrastructure. It even allows the use of a server cabinet lock built for PIV support to protect critical government data.

Meanwhile, at exterior doors where strong authentication is required, government facilities can utilize electro-mechanical locks, electric strikes and PIV-enabled card readers for hardwired applications. Ensuring that these locks work with an authentication module and validation services is critical to not only providing advanced security, but also to meeting the government requirements.

Huge Opportunity

One of the reasons this is such a huge opportunity for integrators is that not everyone will be willing to take on the responsibility of becoming more aware of government regulations. Further, those who don’t properly educate themselves and don’t build a supporting network of partners are less likely to appropriately and properly bid for the contracts.

This leaves the educated provider with a solid section of potential business. There are approximately 6 million PIV credentials used at federal facilities. And the need to be able to use those credentials throughout the facilities, not just at the main entry points, is critical.

This brings us back to my original recommendation: find partnerships in this space.

Capitalizing on government contracts requires finding a manufacturer who will not only provide products that meet standards, but also the support that comes with understanding the nuances and changes to these standards. We’ve spoken heavily on the federal side of things, but codes and requirements also exist at the state and municipal level—further adding to the potential in this space. And again, a manufacturer that can work collaboratively with you on these projects will empower you to win more contracts and expand further into the facility.

Jeff Huggins is director of government programs for ASSA ABLOY Door Security Solutions.