Announcement

Collapse
No announcement yet.

TWIC upgrades and welcome

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • TWIC upgrades and welcome

    I'm upgrading the security system at our plant to comply with TWIC requirements. Has anyone here had any experience with this?

    I currently have a DSX access system. I can add another vendor's TWIC reader system to the DSX, or just throw the whole thing away and start over.

    Any thoughts on what the best access system is? Card readers? Software?

  • #2
    Welcome to the forum Matt. Someone here will be able to answer your question in short order.
    Enjoy the day,
    Bill

    Comment


    • #3
      Originally posted by Matt View Post
      I'm upgrading the security system at our plant to comply with TWIC requirements. Has anyone here had any experience with this?

      I currently have a DSX access system. I can add another vendor's TWIC reader system to the DSX, or just throw the whole thing away and start over.

      Any thoughts on what the best access system is? Card readers? Software?
      Here's a link to Security Director News. There's an article about TWIC, starting on the front page. Apparently there are no "security grants" in place for the biometrics end of the system. Mike O'Brien, port facilities security director for the Port of Oakland, CA said, "it's strictly a flash pass." "We check the security features at the the terminal gates, but no verification of the biometrics."

      Makes you scratch your head.
      Retail Security Consultant / Expert Witness
      Co-Author - Effective Security Management 6th Edition

      Contributor to Retail Crime, Security and Loss Prevention: An Encyclopedic Reference

      Comment


      • #4
        Our plant upgraded to a Lenel system last summer and there had been plans to link access with TWIC posession. So far we've only gotten to entering confirmed TWIC information (possession, card number and expiration date) into the system. The rumor I'm hearing is that there isn't a reliable way to link the two systems. I'll post more when I find out more
        "Lawyers, Guns and Money"

        "Don't pick a fight with an old man. If he's too old to fight, he'll just kill you."

        Comment


        • #5
          Matt, I've posed the question to a knowledgeable source in the industry; he may respond directly, or he may email me some tips, or may even publish an article on the subject of TWIC-related access control system upgrades on the main site. I'll let you know either way by doing a follow-up post here once I get info from him.

          Geoff/SIW

          Comment


          • #6
            TWIC access control upgrades

            Ok, here's what I've learned:

            1. You're probably in one of the adjunct facilities that the Coast Guard is recommending implement TWIC, right? Not at an actual port? By plant, I bet you're not part of an actual port? The following is based on that assumption.

            2. There aren't actually TWIC approved readers yet.

            3. The TWIC is still just a flash pass at this point, except for some pilot projects (like Port of Long Beach), and even those pilot projects aren't done (or maybe even haven't started).

            4. If you're going to upgrade, I'd probably wait.

            5. If you don't want to wait, consider checking to make sure your physical access control system (PACS) is compatible with PIV standards. I don't know if DSX is compatible. Ask them and verify, verify, verify.

            6. If you're going to get readers, get CHUID readers. http://fips201ep.cio.gov/documents/C...ure_v3.0.0.pdf

            7. Understand that biometrics may/may not be required, and that it may depend on MARSEC levels on when/where certain authentication security features will be required.

            8. There are not TWIC-approved readers yet. There are what they call ICE readers, but that only means those readers have been approved to be tested going forward in the assorted pilot projects. And the funds haven't been released yet for most of the big pilot projects.

            9. You can probably simply post an officer to check the badges as "flash passes" at this point. That, after all, is what's being done at the ports.

            10. If you're redoing any of your access points, run Ethernet to where the reader would be as well as the standard low-voltage and power wiring you'd run. Most vendors seem to think that these readers are going to need to connect via Ethernet for some of the "special things" that TWIC needs in terms of communications with servers for whitelists/blacklists/certificate validation/biometric usage.

            11. Read this ANPRN: http://edocket.access.gpo.gov/2009/pdf/E9-6852.pdf

            12. Read this paragraph: Identity verification ensures that the individual presenting the TWIC is the same person to whom the TWIC was issued. In its most reliable form, this is done by matching the biometric template stored in the TWIC to the TWIC-holder’s live sample biometric (e.g., a fingerprint). However it can also be done to a less reliable degree by visually comparing the photo on the TWIC to the TWIC-holder or by requiring the TWIC-holder to place their card into a contact smart card reader
            and then entering his/her 6-digit Personal Identity Number (PIN), selected by the TWIC-holder at card issuance.

            13. That's the paragraph where they basically OK TWIC as a flash pass.

            P.S. I've moved this thread and changed the title so that it is in the access control section, since it's becoming a high-level access control/identity discussion.

            -Geoff/SIW

            Comment

            Leaderboard

            Collapse
            Working...
            X