Austin, TX – April 08, 2021 – Access Smart announces today that a USAF base is deploying the new Power LogOn Government Certificate-based Offline Authentication software for secure MFA certificate authentication for their offline computer systems.
There are many offline computer systems within the DoD. These systems can never be connected to any internet or network for security reasons. However, these same systems still require Multi-Factor Authentication (MFA) to validate authorized access.
A United States Air Force base contacted Access Smart asking if the Power LogOn MFA solution would allow their airmen and airwomen to use their existing CAC ID and digital certificates to log onto their 100% offline, Windowsbased, systems. The answer: “Yes.”
Access Smart demonstrated the Power LogOn Government Certificate-based Offline Authentication product (GOV-COA). The Air Force then purchased a pilot kit to fully test the solution prior to deployment and license purchases. Along the way, the USAF came back with additional requirements which Access Smart was able to accommodate, including adding the USAF Seal to the Power LogOn Home screen.
GOV-COA allows the USAF IT Administrator to enroll all their approved user’s access rights. The list of approved users is added to each offline system. Because some users have access to multiple systems, while others only have access to one, the administrator can use the Power LogOn tools to manage users. When a CAC ID is presented and the CAC PIN is typed, Power LogOn determines if that person has access rights. If so, the user gets automatically logged in to Windows, without the user knowing or typing any password information. UPDATE: We have now added global licensing capabilities so users on remote workstations can self-enroll.
“Cybersecurity starts when a computer is first powered up,” said Dovell Bonnett, founder and CEO of Access Smart. “The first step has to be secure authentication of the user. Offline systems are no exception when it comes to authentication. What better way to determine access rights than by combining MFA, Digital Certificates and Login Password Management without any network connections.”
Power LogOn GOV-COA builds on layers of security: True MFA with the CAC ID (Something they Have), the CAC existing PIN (Something they Know), and the public/private keys (Clone Prevention).
All this is accomplished without any modification to the CAC credential (FIPS 201 compliant), no backend modification to any systems, and it can be made operational within a couple of hours. After evaluating their specific functional requirements and reviewing the market, referring also to the DoD’s Security Technical Implementation Guide (STIG), Power LogOn was the Air Force’s winner.
The USAF Contracting Office requested both an RFP and RFQ through NASA’s Solution for Enterprise-Wide Procurement (SEWP). Many of our government resellers bid on this project which was finally awarded to Software Information Resource Corporation (SIRC), a SBA Certified HUBZONE Company, in March 2021.
In addition to Power LogOn GOV-COA, our Power LogOn GOV-PKI solution also works with GOV-COA, so the same credential can be used for both offline and online systems. If you or your customer would like to know more about how Power LogOn GOV-COA, or any of our other solutions, can work in different environments, please contact Access Smart.
