Multifactor authentication (MFA) is a simple incremental protection layer that provides significant security benefits. MFA reduces risk by requiring threat actors to compromise two different authentication sources. Implementing MFA is a requirement of EO 14028, explicitly stating that organizations should implement MFA.
Cigent is unique in providing MFA to protect data at rest and while the devices is in use.
MFA for Pre-boot Authentication
Multi-factor authentication complements full-drive encryptionand PBA to ensure data at rest (DAR). Hardware encryption prevents data from being unauthorized access, pre-boot authentication (PBA) provides a separate, hardware-secured environment for authentication, and multifactor authentication mitigates the risk of attackers compromising a single factor.
Step-up Authentication for Data Access
Cigent provides the capability to create hidden partitions, ensuring data is secure even after the device logs on. Data is accessed after the hidden partitions have been unlocked using step-up authentication. Additionally, another layer of step-up authentication can be configured to require users to authenticate to access data. This approach prevents cloning, wiping, or other data attacks, including data exfiltration or modification.
Multiple Forms for Authentication
PBA can support multiple forms for authentication, including username and password, Common Access Card (CAC),security key, and a combination of password and CAC or security key for two-factor authentication.
PBA is NIAP
PBA is NIAP validated for the collaborative Protection Profile(cPP) for Full Drive Encryption - Authorization Acquisition(FDE_AA) Version 2.0. It follows the encryption standards defined by the Commercial National Security Algorithm (CSNA) for Data at Rest (DAR) and National InformationAssurancePartnership (NIAP).
Benefits
Address Compliance Requirements with MFA Protection
Commercial Solution for Classified
When using Cigent PBA and Cigent (SED), the CPP for bothFDE_AA & FDE_EE can be validated to provide a full outer layer of protection as defined by Commercial Solutions of Classified(CSfC) Data at Rest capability package v.5.0.
Collaborative Protection Policies
PBA can help solve the compliance requirement for Full DriveEncryption (FDE): PBA fulfills the FDE_AA of the CollaborativeProtection Profiles (cPPs).
Executive Order 14028
Executive Order 14028 requires federal agencies to implement MFA to secure their accounts, including data at rest.
Prevent Cloning and WIping
Hidden partitions with step-up authentication uniquely protect data when the device is in use, including preventing cloning and wiping attacks.
The Cigent Advantage
Cigent is prepared to support your mission navigating the complex compliance requirements to protect data at the edge. Its solutions were developed for and with US Federal agencies with deep expertise in data protection. Cigent protections have been thoroughly tested and validated by leading Federal agencies including MITRE, NIST, NSA, NIAP, the Air Force, Cyber Resilience of Weapon Systems (CROWS), and NSSIF (UK).
To ensure availability and provide flexibility, Cigent works with leading drive manufacturers including Digistor, Kanguru, and Seagate and Cigent offers our own branded drives.
provide value to the visitor
FIPS 140-2 & FISMA — Understanding Cybersecurity Compliance for Cryptography Modules
Understand FIPS 140-2, its compliance requirements for federal agencies, and the ..
Adding Pre-Boot User Authentication for Sensitive Data Security
Why federal agencies need to protect sensitive and classified data with pre-boot user ..
Data Security for Unmanned Vehicles—both UAV and UGV
Ensure data security for unmanned vehicles with advanced protection methods. Learn about ..
Frequently Asked Questions
Check out the answers to some of most frequently asked questions about Cigent, what we do, and how we do it. Don’t see your question on the list? Click the BOOK A DEMO button in the top right corner of your screen to learn more about us during a custom demo.
Cigent protects data on devices operating at the edge from unauthorized access. Cigent solutions secures data at rest with layered protection including hardware encryption, pre-boot authentication, and multifactor authentication. Cigent also ensures data integrity when the device is in use preventing wiping and cloning and other data attacks.
To prevent sophisticated adversaries from unauthorized access requires layered protection. The foundation of Cigent solution is 256-AES full drive hardware encryption with pre-boot and multifactor authentication. These capabilities have been validated by agencies including NSA and NIAP. Additionally, Cigent provides capabilities that ensure the integrity of data through its lifecycle including hidden partitions, storage-embedded AI, and verified data erasure.
Multi-factor authentication (MFA) is a more secure way to verify a user's identity than a username and password alone. It is a multi-step login process that requires users to provide more than one type of information, such as a password, hardware authenticator (i.e. YubiKey), or a biometric marker.
Software encryption uses software tools and the main system microprocessor to encrypt and decrypt data, while hardware encryption uses dedicated chips and a separate processor. Hardware encryption is more secure and faster than software encryption. From a security perspective, hardware encryption is independent of the operating system and harder to intercept or break. It is less vulnerable to side-channel attacks and can be tamper-resistant. Software encryption's security depends on the operating system and can be compromised through multiple different attack vectors.
Cigent offers secure storage with multifactor authentication on M.2 2280 SSD which is the legacy standard for storage in PCs. The emerging configuration in PCs is M.2 2230 SSD which is the standard on all Microsoft Surface Devices and many of the newest Dell Latitude and Precision PCs and HP Elite Books and HP Workstations.
Yes, Cigent Secure Storage Solutions can support organizations meeting Commercial Solutions for Classified (CSfC) for data at rest including pre-boot authentication requirements. Cigent solutions can also meet FIPS 140-2 and 140-3 standards. Additionally, Cigent can address requirements from Executive Order 14028 including encryption of data at rest, multi-factor authentication, and the utilization of zero-trust access control. Cigent protections have been thoroughly tested and validated by leading Federal agencies including MITRE, NIST, NSA, NIAP, the Air Force, Cyber Resilience of Weapon Systems (CROWS), and NSSIF (UK).
Still have questions?
Learn more about Cigent and our solutions by downloading our company overview.
Cigent’s Federal Data Protection Solutions are second to none
Learn more about how Cigent can help you achieve your mission and protect data at rest and data on the edge from all forms of attack.