New NIST guidance for mobile identity
The latest guidelines from NIST and NCCoE describe best practices to help you extend the security of PIV smart cards onto more convenient mobile phones and tablets.
Over the past several months, Intercede has been working closely with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) on a cybersecurity project for the federal sector.
The NCCoE is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address government and businesses’ most pressing cybersecurity challenges. I’m excited to share that the NCCoE has just released a second draft practice guide titled NIST SP 1800-12, Derived Personal Identity Verification (PIV) Credentials.
The guide explores methods that federal and commercial organizations can use to extend the identity proofing and authentication associated with PIV Cards to mobile devices. The guide also maps security characteristics to standards, guidance, and best practices from NIST, including the Homeland Security Presidential Directive-12 and related Federal Information Processing Standard 201 specifications.
The draft is available for download on the NCCoE website. Please share your thoughts with the NCCoE on this step-by-step guide to help make it better. The comment period is now open and will close on October 1, 2018.
With our market-leading PIV credential management product, Intercede are pleased to be able to offer MyID for derived credentials as either a cloud or on-premise solution to federal agencies and related industries.
You can find more about our derived credential solutions here.
Trusted by Governments and Enterprises Worldwide
Where protecting systems and information really matters, you
will find Intercede. Whether its citizen
data, aerospace and defence systems, high-value financial transactions,
intellectual property or air traffic control, we are proud that many leading
organisations around the world choose Intercede solutions to protect themselves
against data breach, comply with regulations and ensure business continuity.