With all the talk this past winter about sequestration, budget cutting and economic stimulus funds ending, it has left those of us in the federal market wondering where to focus our efforts. However, on Jan. 2, President Obama signed the $633.3 billion fiscal 2013 defense authorization bill ($1.7 billion more than requested). This legislation gives way to important Department of Defense (DoD) programs and “it authorizes essential support for service members and their families, renews vital national security programs, and helps ensure that the United States will continue to have the strongest military in the world.”

As things heat up in places like Syria and North Africa, defense readiness continues to be at the forefront of Washington discussions. Terrorism remains a continuous underlying concern involved in budgeting for security programs. In addition, several factors are constants as they relate to the federal physical security market — force protection, integration of disparate systems and instant notifications/alerting. These are key motivating factors within the DoD and other federal agencies.

Force protection includes DoD directives and centralized management functions for the research, development and acquisition of interior physical security equipment, command and control systems, security lighting, tactical security systems, barrier systems, and mass notification/personnel alerting systems. In lieu of the bombing of the USS Cole, the Ft. Hood shooting, and other similar dangers posed to our troops at home and abroad, force protection is a top concern. Spending on the above-mentioned platforms and new technologies will continue as long as there is a terrorist threat.

Emergency communications came to the forefront in 1996, with the attack on the Khobar Towers in Saudi Arabia. This attack killed 19 U.S. servicemen and propelled the government to new measures on the Unified Facilities Criteria design guide as well as emergency communications protocol (mass notification). Today’s military and other federal installations may contain multiple tenants and have thousands of personnel to alert in a crisis. With blast messaging tools, instant messages are sent to the right personnel, on time, over various means. These desktop alerting systems are now mainstream and involve alerting to not only the standard systems previously mentioned, but also to radios, digital signage, giant voice, PDAs/smartphones and practically all other communication devices.

As we return nearly 70,000 troops home from Afghanistan, concerns for base housing as well as veterans’ health and welfare will garner much focus. The DoD housing construction allowance including reserves is pushing upwards of $200 million (not including privatization allowances). New diagnosis parameters for post-traumatic stress disorders (PTSD) have dramatically increased the number of patients to treat. The Department of Veteran Affairs (VA) has authorized construction for numerous outpatient clinics as well as major lease acquisitions for larger clinics throughout the country. With this comes the need for safety and security of our soldiers, federal civilian employees and property. The U.S. has approximately $48 billion worth of equipment in Afghanistan. Once received on our shores, physical security risk to federal property must be mitigated as well.

Finally, we should be aware of the National Protection and Programs Directorate. Under the Department of Homeland Security (DHS), this program has been established to help enhance the nation’s physical and cyber infrastructure. We should pay close attention to the infrastructure protection piece as this adds improved physical security requirements and resources for both government and private sectors. Critical infrastructure protection groups are now commonplace in most states and bring together DHS, state and local law enforcement, and private entities as well as physical security integrators.

The above examples highlight numerous security systems and offerings. Each of these security subsets can be part of a comprehensive security platform for government and DoD facilities. Having the technical capabilities and resources to streamline distinct systems into a virtual one-system command center — with the ability to integrate video, access control, fire alarm, mass notification, wireless and other communication/emergency protocol — will separate elite security integrators from the rest of the pack. In addition, having the federal certifications and requirements to properly perform on a federal facility is a must.

Certifications and Related Requirements

With all government security and IT systems there are varying degrees of safety measures that government vendors must have. With the convergence of physical security and IT, cloud-based computing as well as recent headlines of Chinese infiltration, you can bet that these specification requirements will only increase throughout DoD and other federal agencies. One of government’s top priorities is to protect our IT infrastructure from being compromised. Following is a look at just some of the standards currently in play.

These standards are often based upon the sensitivity levels of the facility and their associated programs. For instance, Sensitive Compartmented Information Facilities (SCIFs) areas within a building or other government space mandate certain requirements (i.e. access control, types of computers and other equipment being used) to protect these spaces. Also, assigned clearance levels such as Confidential, Secret, and Top Secret help dictate which certifications are required.

For instance, at DoD installations, Defense Information Assurance Certification and Accreditation (DIACAP) is one assurance program applied on information systems. These requirements can lead into credentialing certifications for both federal employees and contractors trying to access federal facilities and information systems. HSPD-12 is one such requirement that has required access control manufacturers to become FIPS-201 compliant for credentialing under Personal Identity Verification (PIV). PIV outlines identification and authentication of federal employees and contractors.

Other standards concern themselves more on communications protocol and intrusion detection utilizing UL methods. UL 2050 is the primary example of this. It was developed in collaboration with U.S. federal security agencies. The intent is to certify an alarm service provider adheres to UL 2050 standards and that the provider request certificates under the National Industrial Security Systems (CRZH) for areas that must adhere to the standard. The monitoring portion for these areas can be covered under National Industrial Monitoring Stations (CRZM).

Yet other requirements address handling procedures for classified information. This is for the “cleared” work typically found in SCIF and on many military sites. This cleared work is done under the guidance of another federal security program — National Industrial Security Program Operating Manual (NISPOM). NISPOM spells out the guidelines for contractors and others in storage and handling of classified information. It states how contractors are to safeguard this information according to the agency they are working under.

Certain NISPOM sections even highlight vulnerabilities identified in security equipment, intrusion detection systems, access control systems, communications security equipment or systems, and information system security hardware and software used to protect classified material. Other sections refer to unauthorized receipt of classified material and disposition of classified material and reporting of loss or suspected compromise. Having the knowledge of the certifications and compliance rules is analogous to knowing the procurement methods the government fol
lows.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Related Content