Power LogOn® meets US Government’s FIPS 140-2 requirement for networks access control

FIPS 140-2 Verification

 

Government regulations mandate agencies to implement multi-factor authentication for secure network access control (NAC). User names and passwords are still the most common form of authentication. Access Smart’s Power LogOn Password Management Solution (Version 5.4.x) uses strong encryption, smart card technology and secure communications protocols that meets the Office of Management and Budget (OMB) E-Authentication Guidance for Federal Agencies [OMB M-04-04] requirement for Level-3 and Level-4 authentication.

 

Access Smart contracted InfoGard as an independent third-party to verify that Power LogOn uses cryptographic algorithms and methods that comply with the FIPS 140-2 requirements.

 

 According to Mr. Dovell Bonnett, Founder and CEO of Access Smart, “The reason we selected InfoGard was because we wanted a trusted, independent and documented analysis that assured our customers that Power LogOn meets their HIPAA, HSPD-12, CJIS, etc. multi-factor authentication requirements.”

 

Passwords are still the most common means to authenticate a user. “Passwords are secure,” stated Mr. Bonnett. “What is insecure is how employees generate and manage them. It’s time to remove this weak link.” With Power LogOn, employees no longer need to generate, remember, type or know their passwords.

 

The Power LogOn password management solution allows an agency’s IT manager to centrally manage all passwords. Mr. Bonnett explained that, “Once the employee is not required to generate and manage passwords then passwords are no longer classified as ‘something you knows’ ”. Passwords can now be managed as efficiently as symmetric keys.” 

 

Power LogOn takes the user out of password management, creates a randomly generated complex character string, assigns every account its own unique string, and a string can be changed as frequently as IT deems necessary. These are the same requirements imposed on symmetric key generation. The security of a key is also determined by how it is stored, protected and implemented.

 

Power LogOn implements multi-factor authentication and eight layers of assurance in the form of PINs, cards, biometrics, AES-256 & SHA-256 encryption, CHUID, challenge/response, password salting and user classification code. Power LogOn can be added to an existing CAC or PIV credentials without the need for re-badging.

 

Power LogOn’s password management is one of the most important tools in an agency’s security arsenal. Not only does it deliver employee convenience, it offers authentication, non-repudiation and authorization.  Power LogOn’s FIPS 140-2 verification gives IT managers the confidence that their multi-factor authentication implementation complies to the many government computer security regulations.

Finally, licenses are transferable, no annual subscription fees and the ability to work with existing credentials make Power LogOn the most affordable, flexible and scalable multi-factor solution for network access control.

 

FIPS 140-2About Access Smart:

Founded in 2005 and headquartered in Ladera Ranch, California, Access Smart, LLC (a certified CA Small Business) offers the total solution for logical access products (software, licenses, cards and readers) to make network authentication deployment fast, easy and inexpensive. We are dedicated to empowering businesses, agencies and institutions to securely regain control over their computers and networks at the point of entry.  Authentication, authorization and non-repudiation do not have to be cumbersome to be effective. That’s why our products are designed using state-of-the-art security technologies while focusing on ease-of-use and low-cost-of-ownership. For further information, please visit www.access-smart.com.

 

About InfoGard:

InfoGard Laboratories, Inc., founded in 1993, is an independent, third party, professional service organization. Our staff includes experts in cryptography, computer engineering, network analysis, project management, and financial services. InfoGard was the first laboratory accredited by the National Voluntary Laboratory Accreditation Program (NVLAP) to perform FIPS 140 validations. InfoGard has successfully performed more FIPS validations than any other laboratory. InfoGard is also a Common Criteria Laboratory.  For further information, please visit www.infogard.com.