The U.S. Department of State has selected a Canadian company to work on a pilot project for Homeland Security, aimed at meeting the requirements of a presidential directive.
Cryptography specialist WinMagic Inc. of Mississauga, Ont., was chosen for its SecureDoc encryption software that enables full-disk encryption at pre-boot level, which can be integrated with USB identification tokens and authentication smart cards.
The Homeland Security pilot project is focused on integrating personal identity verification (PIV) cards and biometrics with public key infrastructure (PKI) and disk encryption. WinMagic is one of five companies selected for the project, with Entrust, Precise Biometrics of Lund, Sweden, SafeNet and VMware.
Thi Nguyen-Huu, CEO of WinMagic, says his company’s vision of an integrated security approach is now paying off. “We have been working on token and smart card PKI integration for more than four years,” he says. “SecureDoc passed government tests for PKI interoperability years ago, and this pilot project highlights WinMagic’s foresight in smart card PKI integration.
“We’re now hoping that the pilot project with the State Department can serve as a template for the whole U.S. government and private sector. We believe there is no other disk encryption product that offers this level of integration. And, since it’s a requirement now for U.S. federal government employees, this pilot can potentially become a very big deal for us.”
Presidential Directive 12, published by the White House in August 2004, states that federal government employees and contractors must use smart card technology, containing digital identity in the form of a PKI certificate, to gain access to facilities and information systems.
WinMagic’s inclusion in the Homeland Security pilot was announced at the Computer Security Institute (CSI) Exhibition in Washington, D.C., last month and followed shortly after another high-profile deal with Black Hat Inc.
Seattle, Wash.-based Black Hat is an IT security consulting and education company that puts on a number of conventions worldwide. Among the company’s clients are U.S. federal government departments and global enterprise businesses.
Nguyen-Huu says agencies recognize the need to integrate full-disk encryption with already mandated authentication technologies.
“This will not only protect sensitive data on computers from internal and external security breaches, but will also prevent unauthorized access from stolen laptops,” he says.
Black Hat selected SecureDoc for its ease of use and two-factor authentication in full-disk encryption, says Jeff Moss, founder and CEO of Black Hat, which was acquired last month by CMP Media LLC of Manhasset, N.Y., the company that owns the CSI Exhibition.
Black Hat was using Rainbow USB authentication tokens to identify its laptop users, but wanted to integrate full-disk encryption to ensure that a lost or stolen laptop could not provide unauthorized access to sensitive data.
“Entrusted with highly sensitive customer information, it is absolutely critical that Black Hat can ensure all data is secure,” says Moss.
Jim Armstrong, national sales manager for WinMagic, says encryption at pre-boot adds another layer to ensuring hackers cannot access the drive.
“Two- or even three-factor authentication at pre-boot is one thing, but it’s just as important to scramble everything up at this point,” he says. “This way, even if a hacker does get past the authentication, the data is always encrypted.”
Moss says his company is in a unique position to evaluate security products, as a world-recognized think tank of security experts that provide consulting, training and briefings.
“SecureDoc has made it simple to protect all data on Black Hat’s laptops, while simultaneously making it easy to combine the benefits of user-friendly encryption with two-factor authentication,” says Moss.
Armstrong says SecureDoc’s Enterprise Server access and control application enables the computer administrator to simplify the encryption process.