DOD: Mission execution from home

Authentic8 has announced the immediate availability of enhanced CAC/PIV card capabilities with Zero Trust Application Access for remote workers

One of the many inspiring things we continue to witness as we experience the COVID-19 pandemic is people coming together to solve problems; some problems we didn’t yet know existed, and others that weren’t yet priorities.

Authentic8’s recent press release highlights a prime example: our partnering with the Department of Defense (DoD) to help them once again turn crisis into opportunity.

Responding to increased demand from government organizations needing to maintain productivity in a COVID-19 work-from-home environment, we have announced the immediate availability of enhanced Common Access Card (CAC) or Personal Identity Verification Cards (PIV Cards) card capabilities for remote work scenarios. This enhancement includes support for all forms of DoD certs, numerous user personas, and support for multiple certificates.

Government organizations require strong authentication and encryption methods to provide access to resources. Government employees and military personnel accessing online solutions need to use CAC/PIV tokens, which combine hardware smartcards with centrally managed certificates for secure authentication.

Remote work in the DoD is here to stay; there’s no putting that genie back in the bottle. With this significant step forward, we can expect improved productivity, increased collaboration, and enhanced quality of life for all affected.

The challenge is in enabling remote work in a way that gives operational and cybersecurity proper consideration, while also acknowledging resource constraints (e.g., hardware). That’s where Zero Trust Application Access comes in.

As Justin Cleveland, Head of Government Business at Authentic8, put it, “The requirement that offices close and send workers home came more quickly and had more immediate consequences than anticipated.”

“This has put IT on its heels, trying to maintain business continuity, sending employees home without having adequate infrastructure or procedures in place to accommodate them. Government employees aren’t typically configured for remote access, and their personal computers aren’t equipped with CAC or PIV readers.”

As a result, the DoD faced several challenges. There was no pool of government-funded equipment (GFE) from which to issue laptops. There was not nearly enough virtual private network (VPN) capacity to meet the demand.

And even if there was, while VPNs may provide a secure connection back to the environment, they don’t offer any additional protections for the user or the data, and they don’t enable governance or oversight when users access cloud-based applications.

Knowing how critical CACs are for our government customers to access essential business applications and websites with a .gov or .mil top-level domain, our engineering team spurred into action. It flexed to enable access to those resources in less than a week.

When presented with this new capability, Captain Harold “Hal” Cole, Commander of the Navy’s Defensive Cyberspace Operations Task Force, said it best:

• “Just as we have transferred risk off our network while at work using Silo, we now have the capability to rapidly enable mission execution from home. I encouraged my entire command to download Silo on their home computers and login with their work credentials.”

Cole calls Silo “the fastest, most responsible way to access CAC-enabled government sites without bringing data onto their personal devices.”

Authentic8’s Zero Trust Application Access not only allows you to transfer risk off of your network, but it also ensures personal devices neither introduce new risk to your network nor retain any data you don’t want to leave your network. Problem solved - collaboratively.