In an age of heightened security demands and rapidly evolving mobile technologies, the Department of Defense is re-evaluating and updating its Identity and Access Management (IdAM) strategy to strengthen network access protection without placing undue burdens on authorized users.

“We’ve looked at a number of different solutions, from biometrics to different kinds of encryption; there’s a whole spectrum of solutions out there,” said Michael McCarthy, director of operations and program manager for the Army’s Brigade Modernization Command, based in Fort Bliss, Texas.

Yet, even as research into promising IdAM technologies moves forward, common access cards (CACs) and personal identity verification (PIV) cards, the current IdAM mainstays, are not going away any time soon.

“They are still important for physical access, and will be used in smart card readers on larger devices, particularly desktop computers,” said Steve Taylor, a solution architect for Intel Federal in Fairfax, Virginia.

While CAC/PIV readers will continue to be used with laptop and desktop PCs, the next-generation mobile devices now being adopted by DoD organizations require a fresh IdAM approach.

“The PIV card works quite well with laptops and desktops, but now we have new mobile computing devices that can’t use the PIV card very easily,” said Hildegard Ferraiolo, PIV program lead at the National Institute of Standards and Technology (NIST) in Gaithersburg, Maryland.