NIST Releases Guidelines for Alternate Secure ID Verification
The newly released guidelines aim to uphold government cybersecurity amidst the COVID-19 pandemic.

National Institutes of Standards and Technology’s new guidelines for granting secure verification to government workers who manage protected information will allow federal employees who work with classified data to be granted access more easily amid the COVID-19 pandemic.
The publication of the NIST SP 800-63B Digital Identity Guidelines follows an ongoing effort across security-focused wings of the government to adapt around social-distancing guidelines while still allowing classified work to safely continue across federal IT networks.
One of the main challenges federal agencies have needed to overcome while allowing secure access to government networks has been the inability to conduct in-person identity verification.
“The challenge across the federal government in onboarding personnel under the FIPS 201 verification or PIV PROGRAM is that they require in-person identity proofing processes. And clearly this is precluded amidst the pandemic,” said David Temosh, senior advisor at NIST, during the Navigating the NIST SP 800-63B Digital Identity Guidelines forum last week.
The current impasse rests on reconciling the need for epidemiological safety with the technical security mandates. As a consequence, NIST and its partner agencies have developed newfound methods for remote verification that do not risk the further spread of COVID-19.
“We’ve needed to move toward credentialing and onboarding personnel using remote processes, but allowing for alternative credentials to the PIV card,” Temosh said. “We don’t want to lower security on the PIV card or reduce any of the binding processes to those cards, but some identity verification cards use biometrics — which means we need to perform in-person biometric collection. Which right now we have to put on hold.”
The newly developed solution has taken the form of a holdover system of remote verification that can allow a certain degree of access throughout the duration of the pandemic.
“So this has enabled agencies to onboard personnel using alternative non-PIV credentials until such time facilities can be opened and we can begin secure sessions to allow the actual intake process we use for onboarding,” Temosh said.
Other secure-focused agencies who work closely with NIST have begun implementing similar measures, using temporary forms of remote ID verification and onboarding before resuming in-person authentication once the pandemic ends.
“At CISA we issued a memo and came up with a series of processes for deriving alternative credentials for onboarding new hires,” said Rob Foard, IT specialist at CISA. “We can’t do in-person capabilities, so we do remote capabilities. So they’re issued a card that’s not a PIV card, but has the strength of authentication that the PIV does. And when we end this period we’ll complete the HSPD1 requirements and other requirements more fully and have PIV cards issued to these individuals.”
The COVID-19 responsive verification standards developed within NIST and CISA are also being deployed across the federal government as a whole, with CISA currently managing a knowledge-sharing program with partner agencies.
“CISA has been involved in pandemic response beyond identity management. We have a robust team of cybersecurity professionals advising agencies on whatever risks they may be encountering, and there definitely are new risks as we’ve been teleworking. And CISA has been helping agencies attack those risks,” Foard said.
Going forward, NIST also seems focused on creating a long-term response to the upsurge in federal remote work — including ongoing verification processes for employees who work permanently off site.
“Along with the PIV credentials, we’ve been tasked with further broadening the scope and allowing federal credentials and federal authentication processes to be enabled through additional types of authenticators for federal employees. This remote work environment has created acute demand for this kind of expanded capability, which we are building into our guidelines,” Temosh said.
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
Inside DOD’s Push to Grow the Cyber Workforce Through Academia
Diba Hadi gives her first interview since becoming principal director of the DOD’s Cyber Academic Engagement Office.
15m listen -
Agencies Tackle Infrastructure Challenges to Drive AI Adoption
Federal agencies are rethinking data strategies and IT modernization to drive mission impact and operational efficiency as new presidential directives guide next steps.
5m read Partner Content -
Generative AI Demands Federal Workforce Readiness, Officials Say
NASA and DOI outline new generative AI use cases and stress that successful AI adoption depends on strong change management.
6m read -
The Next AI Wave Requires Stronger Cyber Defenses, Data Management
IT officials warn of new vulnerabilities posed by AI as agencies continue to leverage the tech to boost operational efficiency.
5m read -
Federal CIOs Push for ROI-Focused Modernization to Advance Mission Goals
CIOs focus on return on investment, data governance and application modernization to drive mission outcomes as agencies adopt new tech tools.
4m read -
Fed Efficiency Drive Includes Code-Sharing Law, Metahumans
By reusing existing code instead of rewriting it, agencies could dramatically cut costs under the soon-to-be-enacted SHARE IT Act.
5m read -
Agencies Push Data-Driven Acquisition Reforms to Boost Efficiency
New initiatives aim to increase visibility of agency spending, improve data quality and create avenues to deploy solutions across government.
5m read -
Data Transparency Essential to Government Reform, Rep. Sessions Says
Co-Chair of the Congressional DOGE Caucus Rep. Pete Sessions calls for data sharing and partnerships to reduce waste and improve efficiency.
5m read -
DOD Turns to Skills-Based Hiring to Build Next-Gen Cyber Workforce
Mark Gorak discusses DOD’s efforts to build a diverse cyber workforce, including skills-based hiring and partnerships with over 480 schools.
20m listen -
AI Foundations Driving Government Efficiency
Federal agencies are modernizing systems, managing risk and building trust to scale responsible AI and drive government efficiency.
40m watch -
Trump Executive Order Boosts HBCUs Role in Building Federal Tech Workforce
The executive order empowers HBCUs to develop tech talent pipelines and expand access to federal workforce opportunities.
3m read -
Navy Memo Maps Tech Priorities for the Future Fight
Acting CTO’s memo outlines critical investment areas, from AI and quantum to cyber and space, as part of an accelerated modernization push.
5m read