Organizations we support
Military
Defense Community
Sensitive and Classified Materials at the Edge
Intel (2)
Intelligence and Special Ops Community
Secret Data in Extreme Environments
FedCiv-2
Federal Civilian Solutions
Protection of Sensitive Data from Lost Device and Remote Attacks
Devices we protect
Frame 84
Servers / Enterprise
Frame 85
External Media
Industrial Control Systems
Industrial Control Systems
Frame 87(1)
Unmanned Vehicles
Portfolio
Products
Who we partner with
Handshake
Partnership
Cigent Ecosystem of Device and Service Partners
Resources
Downloadable Assets
Whitepapers, eBooks, Infographics, and More
Blog
Read articles on all things cyber security.
Learn More About Cigent
News from Cigent
4 min read
Understand FIPS 140-2, its compliance ..
Blog 3 min read
Why federal agencies need to protect sensitive ..
Menu Close
Image landscape (5)

Multifactor Authentication

Critical incremental protection

Multifactor authentication (MFA) is a simple incremental protection layer that provides significant security benefits. MFA reduces risk by requiring threat actors to compromise two different authentication sources. Implementing MFA is a requirement of EO 14028, explicitly stating that organizations should implement MFA.

Cigent is unique in providing MFA to protect data at rest and while the devices is in use.
Multifactor Authentication

MFA for Pre-boot Authentication

Multi-factor authentication complements full-drive encryptionand PBA to ensure data at rest (DAR). Hardware encryption prevents data from being unauthorized access, pre-boot authentication (PBA) provides a separate, hardware-secured environment for authentication, and multifactor authentication mitigates the risk of attackers compromising a single factor.

Data Access

Step-up Authentication for Data Access

Cigent provides the capability to create hidden partitions, ensuring data is secure even after the device logs on. Data is accessed after the hidden partitions have been unlocked using step-up authentication. Additionally, another layer of step-up authentication can be configured to require users to authenticate to access data. This approach prevents cloning, wiping, or other data attacks, including data exfiltration or modification.

Multifactor Authentication

Multiple Forms for Authentication

PBA can support multiple forms for authentication, including username and password, Common Access Card (CAC),security key, and a combination of password and CAC or security key for two-factor authentication.

NIAP

PBA is NIAP

PBA is NIAP validated for the collaborative Protection Profile(cPP) for Full Drive Encryption - Authorization Acquisition(FDE_AA) Version 2.0. It follows the encryption standards defined by the Commercial National Security Algorithm (CSNA) for Data at Rest (DAR) and National InformationAssurancePartnership (NIAP).

Benefits

Address Compliance Requirements with MFA Protection

Commercial Solution for Classified

When using Cigent PBA and Cigent (SED), the CPP for bothFDE_AA & FDE_EE can be validated to provide a full outer layer of protection as defined by Commercial Solutions of Classified(CSfC) Data at Rest capability package v.5.0.

Collaborative Protection Policies

PBA can help solve the compliance requirement for Full DriveEncryption (FDE): PBA fulfills the FDE_AA of the CollaborativeProtection Profiles (cPPs).

Executive Order 14028

Executive Order 14028 requires federal agencies to implement MFA to secure their accounts, including data at rest.

Prevent Cloning and WIping

Hidden partitions with step-up authentication uniquely protect data when the device is in use, including preventing cloning and wiping attacks.

iStock-814367282

The Cigent Advantage

Cigent is prepared to support your mission navigating the complex compliance requirements to protect data at the edge. Its solutions were developed for and with US Federal agencies with deep expertise in data protection. Cigent protections have been thoroughly tested and validated by leading Federal agencies including MITRE, NIST, NSA, NIAP, the Air Force, Cyber Resilience of Weapon Systems (CROWS), and NSSIF (UK).

To ensure availability and provide flexibility, Cigent works with leading drive manufacturers including Digistor, Kanguru, and Seagate and Cigent offers our own branded drives.

iStock-814367282
Resources / Blog
Introduce resources that can
provide value to the visitor
4 min read

FIPS 140-2 & FISMA — Understanding Cybersecurity Compliance for Cryptography Modules

Understand FIPS 140-2, its compliance requirements for federal agencies, and the ..

Blog 3 min read

Adding Pre-Boot User Authentication for Sensitive Data Security

Why federal agencies need to protect sensitive and classified data with pre-boot user ..

Blog 2 min read

Data Security for Unmanned Vehicles—both UAV and UGV

Ensure data security for unmanned vehicles with advanced protection methods. Learn about ..

Frequently Asked Questions

Check out the answers to some of most frequently asked questions about Cigent, what we do, and how we do it. Don’t see your question on the list? Click the BOOK A DEMO button in the top right corner of your screen to learn more about us during a custom demo.

What does Cigent do?

Cigent protects data on devices operating at the edge from unauthorized access. Cigent solutions secures data at rest with layered protection including hardware encryption, pre-boot authentication, and multifactor authentication. Cigent also ensures data integrity when the device is in use preventing wiping and cloning and other data attacks.

How does Cigent work?

To prevent sophisticated adversaries from unauthorized access requires layered protection. The foundation of Cigent solution is 256-AES full drive hardware encryption with pre-boot and multifactor authentication. These capabilities have been validated by agencies including NSA and NIAP. Additionally, Cigent provides capabilities that ensure the integrity of data through its lifecycle including hidden partitions, storage-embedded AI, and verified data erasure.

What is Multifactor authentication?

Multi-factor authentication (MFA) is a more secure way to verify a user's identity than a username and password alone. It is a multi-step login process that requires users to provide more than one type of information, such as a password, hardware authenticator (i.e. YubiKey), or a biometric marker.

What is the difference between software and hardware encryption?

Software encryption uses software tools and the main system microprocessor to encrypt and decrypt data, while hardware encryption uses dedicated chips and a separate processor. Hardware encryption is more secure and faster than software encryption. From a security perspective, hardware encryption is independent of the operating system and harder to intercept or break. It is less vulnerable to side-channel attacks and can be tamper-resistant. Software encryption's security depends on the operating system and can be compromised through multiple different attack vectors.

What types of drives does Cigent Offer with Multifactor Authentication?

Cigent offers secure storage with multifactor authentication on M.2 2280 SSD which is the legacy standard for storage in PCs. The emerging configuration in PCs is M.2 2230 SSD which is the standard on all Microsoft Surface Devices and many of the newest Dell Latitude and Precision PCs and HP Elite Books and HP Workstations.

Does Cigent full drive hardware encryption address compliance?

Yes, Cigent Secure Storage Solutions can support organizations meeting Commercial Solutions for Classified (CSfC) for data at rest including pre-boot authentication requirements. Cigent solutions can also meet FIPS 140-2 and 140-3 standards. Additionally, Cigent can address requirements from Executive Order 14028 including encryption of data at rest, multi-factor authentication, and the utilization of zero-trust access control. Cigent protections have been thoroughly tested and validated by leading Federal agencies including MITRE, NIST, NSA, NIAP, the Air Force, Cyber Resilience of Weapon Systems (CROWS), and NSSIF (UK).

Still have questions?

Learn more about Cigent and our solutions by downloading our company overview.

Card

Cigent’s Federal Data Protection Solutions are second to none

Learn more about how Cigent can help you achieve your mission and protect data at rest and data on the edge from all forms of attack.