SurePassID Announces First Authentication Platform to Fully Eliminate Passwords for On-Premise and Air-Gapped Networks
ST. PETERSBURG, Fla., May 16, 2023 (Newswire.com) - Cybersecurity leader SurePassID today announced the release of SurePassID Authentication Server 23.1, which fully eliminates passwords for federal agencies, corporate enterprises, and critical infrastructure operators seeking to comply with Zero Trust and phishing-resistant user authentication mandates.
SurePassID's software, installed on-premise or in air-gapped systems, provides passwordless and phishing-resistant multi-factor authentication (MFA) so employees and contractors can securely access sensitive data and applications without the security risks associated with public cloud gateways. SurePassID enables cybersecurity administrators to add FIDO2/WebAuthn-based authentication quickly and easily to applications that were previously difficult to secure due to age, complexity, or use case requirements. In access scenarios where FIDO2/WebAuthn passwordless or second-factor authentication is not available, SurePassID automatically falls back to a compliant authentication method such as a one-time password, thus ensuring a seamless user experience.
"Critical infrastructure sectors are under growing pressure to meet Zero Trust mandates and modernize their cybersecurity infrastructure, but they need solutions that eliminate dangerous public cloud gateways and deploy in on-premise and air-gapped environments," said Mark Poidomani, founder and CEO/CTO of SurePassID. "SurePassID makes it easy for critical infrastructure enterprises, like those in government and defense, to meet those mandates without relying on costly and cumbersome PIV or CAC cards."
To secure access to critical data and infrastructure systems, federal agencies are required to implement Zero Trust and phishing-resistant MFA as outlined in the White House's Moving the U.S. Government Toward Zero Trust Cybersecurity Principles (OMB M-22-09) and the National Institute of Standards and Technology (NIST)'s Zero Trust Architecture (SP 800-207). MFA is increasingly mandated in the 16 critical infrastructures sectors defined by the Department of Homeland Security, requiring compliance with NIST's Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations (SP 800-171) or the Department of Defense's Cybersecurity Maturity Model Certification (CMMC 2.0). SurePassID helps public and private sector customers comply with these cybersecurity mandates, enabling passwordless and phishing-resistant authentication whenever and wherever possible, and automatically falling back to other compliant authentication methods if need be.
SurePassID is a hardened solution which is typically deployed in Microsoft Azure GCC, GCC-High, and Amazon AWS GovCloud instances. Other security features include the industry's most comprehensive logging and audit trail, secure user and token provisioning methods, a secure software bill of materials (SBOM), AES 256/TDE/SHA 256-512 encryption, FIPS 140 compliance, managed hardware security modules (HSM) such as Microsoft Azure Key Vault, and more. At a fraction of the cost of traditional on-premise solutions, SurePassID is both simple to install and administer, with configurable degrees of automation.
About SurePassID
SurePassID is the leading provider of user authentication solutions for IT/OT systems and critical infrastructure. The company's platform deploys wherever secure user access is needed - including on-premise or air-gapped networks - thus eliminating the security risks associated with public cloud gateways. SurePassID is highly extensible, highly scalable, and highly available, delivering up to 99.9999% ("Six Nines") to meet critical infrastructure SLAs. The company's customers include federal law enforcement agencies, top defense contractors, and Fortune 10 healthcare companies. SurePassID sells its solutions direct and via a global network of resellers and integrators. Visit surepassid.com to find out more.
Source: SurePassID
Share:
Tags: authentication, cybersecurity, MFA