Utilizing Face Authentication to Meet NISPOM Change 2 Requirements
Attention ITPSOs (insider threat program senior officials): The deadline for the new NISPOM requirements is November 30, 2016, as set out in Change 2 to DoD 5220.22-M, “National Industrial Security Operating Manual (NISPOM),” published by the Department of Defense on May 18, 2016.
NISPOM Change 2 requires contractors to “establish and maintain an insider threat program to detect, deter and mitigate insider threats. Specifically, the program must gather, integrate, and report relevant and credible information covered by any of the 13 personnel security adjudicative guidelines that is indicative of a potential or actual insider threat to deter cleared employees from becoming insider threats; detect insiders who pose a risk to classified information; and mitigate the risk of an insider threat.”
Contractors must have a written program plan in place to begin implementing insider threat requirements of Change 2 no later than November 30, 2016.
ITPSOs can take a big step in implementing upgraded insider threat protections by using face authentication and credential verification technologies, as highlighted in section 8-303a of the Self Inspection Handbook for NISP Contractors.
8-303a: How is the user granted access to the IS (information system)? User-IDs? Personal identification biometrics?
The good news is that although the deadline for meeting the new requirements is coming up fast, these tech upgrades are easily obtained and implemented today using a set of face recognition, authentication and credential verification technologies.
DETECT, DETER AND MITIGATE WITH MULTI-FACTOR AUTHENTICATION
Face recognition technology that employs liveness detection, face authentication, a photo audit trail and credential capture helps ITPSOs ensure their organization is using state-of-the-art technology to detect, deter and mitigate insider threats to information systems.
Face authentication is an ideal biometric authentication method for meeting stringent security requirements specifically aimed at insider threats:
- Face authentication typically doesn’t require any additional hardware; most devices already have built-in cameras.
- Face authentication requires individuals to register their face using multiple poses, making it nearly impossible to spoof the system with 2D photos.
- High security access and transactions can require additional verification steps to increase the accuracy of the system. For example, by requesting multiple random poses, Ver-ID can attain a 99% accuracy rating by combining face recognition with behavior challenges.
CREDENTIALS CAPTURE AND MATCHING
A solution that also captures photo ID credentials and matches faces to them ensures that the individual holds the proper credentials. It can be configured to match the photo credential against the user’s face and/or against a registered-user database. ITPSOs can quickly set up information system access to require both face authentication and credential matching, including PIV and CAC card authentication along with password and PIN.
PHOTO AUDIT TRAIL
Additionally, face authentication provides a uniquely visible and verifiable audit trail of each attempted login. Individuals attempting to access systems they don’t have permissions for will leave a photo trail of their logins, a strong deterrent and a useful tool in identifying potential security breach attempts.
ITPSOs should look for face authentication solutions that provide a feature called Persistent Authentication, which enables the camera to track the presence of the logged-in user the entire time they’re accessing the system. Persistent Authentication detects if the user’s face leaves the tracking area and immediately locks out further access. This makes it nearly impossible for someone to log in and then turn their device over to an unauthorized user. With a photo audit trail, if the user were to attempt this, the camera would capture the activity and the individuals involved.
SINGLE SOLUTION FOR FACILITIES AND INFORMATION SYSTEMS SECURITY
Face authentication can also be set up for facility access security and combined with smartphones. This enables ITPSOs to add face authentication to existing access systems using a mobile app. The same technology can be deployed for both facilities and information systems security, significantly accelerating the launch of a new security program.
Face authentication provides a fast, economical and highly effective solution to increase protection against insider threats, with trackable, visible evidence of exactly who is accessing information systems and facilities.