Transportation ID program lacks a reliable disaster recovery plan, GAO says
Connecting state and local government leaders
An October 2008 power failure at a TSA data processing center that handles Transportation Worker Identificiation credentialing affected PIN availability on approximately 410,000 cards, according to a recent GAO report. Replacing the cards could cost as much as $26 million.
The Homeland Security Department enrolled more 1.1 million workers in the Transportation Worker Identification Credential program by its April 15, 2009, deadline for issuing the biometric ID cards to access secure port facilities. But the lack of a disaster recovery program on the part of the Transportation Security Administration allowed a power outage at a data processing center to interrupt the process and eventually could require the replacement of up to 410,000 of the smart cards.
“If TSA had planned for a potential TWIC system failure, in accordance with federal requirements in contingency planning and internal control standards, it might have averted the system failure that occurred in October 2008,” the Government Accountability Office said in a recent report on TWIC progress.
GAO also identified a number of weaknesses in the pilot program for testing biometric readers that will integrate the credentials into access control systems.
“Since September 2008, TSA has revised its schedule for completing the TWIC reader pilot from October 13, 2009, to a year later, October 4, 2010,” the report stated. “Consequently, TSA’s current schedule indicates that they will not meet the April 2010 deadline for reporting to Congress on the results of the TWIC reader pilot.”
DHS said it has begun eliminating points of failure in its TWIC systems, spending $1.8 million to correct problems, and is constantly updating the schedule of the reader pilot program.
The TWIC program was established in December 2001 to provide secure credentials to workers accessing secure areas of transportation facilities, initially for airports. In November 2002 it was expanded to maritime facilities; TSA and the Coast Guard decided to implement it first in maritime ports and vessels.
Since fiscal 2002, the program has been funded at $287 million, most of that coming in 2008 and 2009. Enrollment began in October 2007, and by April 15 the program had enrolled more than 93 percent of the estimated 1.2 million workers who will use the cards, using 150 fixed enrollment sites and 450 mobile facilities. The system was flexible and adapted to the surge of workers entering the program, but there were local problems. At the April 15 deadline, only 906,956 cards had been activated, leaving 214,505, or 19 percent of enrollees, without activated cards.
The largest single glitch was the Oct. 21, 2008, power failure at the Annapolis Junction, Md., TWIC data processing center.
“The power outage caused a hardware component failure in the TWIC enrollment and activation system for which no replacement component was on hand,” GAO said. “Consequently, data associated with individual TWICs could not be accessed or processed.”
The outage was quickly corrected, but loss of some data meant that personal identification numbers cannot be reset on about 410,000 cards already issued. “Consequently, TSA will have to replace the cards for cardholders who forget their PINs instead of resetting these PINs.” As of Aug. 1, 1,246 cards had been replaced.
Replacing all of those cards could eventually cost as much as $26 million, although, “TSA notes that it is highly unlikely all 410,000 affected transportation workers will forget their PINs and be unable to remember them within 10 attempts, thus requiring their cards to be replaced,” wrote Jerald E. Levine, DHS liaison with GAO.
“The lack of an approved contingency plan has been a longstanding concern as identified by the DHS Office of Inspector General,” GAO said. “If TSA had planned for a potential TWIC system failure in accordance with federal requirements in contingency planning and internal control standards, it might have averted the system failure that occurred in October 2008.”
Levine said work already is underway to correct that problem. “TSA has already taken action to develop and implement an IT contingency and disaster recovery plan for TWIC systems,” he wrote. “TSA has reviewed the system architecture to identify single points of failure and has concluded a $1.8 million effort to implement redundancy and scalability enhancements.”
The next step in implementing TWIC is developing the biometric card readers and creating the rules to integrate reader technology and business rules with TWIC. The Coast Guard issued an Advanced Notice of Proposed Rulemaking in March 2007. A pilot test program is getting under way at the ports of Los Angeles and Long Beach in California, Brownsville in Texas, and the Port Authority of New York and New Jersey; as well as the State Island Ferry, Magnolia Marine Transports in Vicksburg, Miss., and Watermark Cruises, in Annapolis, Md.
The pilot tests are supposed to provide information for development of the final reader rule, to be issue in August 2010, but that schedule has now slipped and pilot testing is not expected to be complete before October 2010.
Weaknesses in the pilot identified by GAO include scheduling problems and a lack of detailed information on how data will be analyzed.
Levine replied that management and scheduling of the pilot is in-hand.
“DHS uses the schedule as a management tool to assess the overall progress of each participant, focusing outreach and coordination efforts on the completion of key tasks when risks to the critical path are identified through constant monitoring,” he wrote. “DHS will continue to update and improve the schedule as new information becomes available during our ongoing, regular dialogue with pilot participants.”
NEXT STORY: iPhone overcoming IT security skepticism