Skip Navigation

U.S. Federal agencies often require PKI certificate-based authentication to perform Windows Logon and to access public key enabled systems. This requires use of a multi-factor authentication token that performs a cryptographic operation using the certificate and keys residing within the token.

Traditional multi-factor authentication introduces roadblocks to technologies like Robotic Process Automation (RPA). The OMB Memo M-19-17 outlines a policy that requires management of digital identities of non-person entities such as software robots. This means that all software robots are required to have individual digital identities and credentials that are managed in the same fashion as traditional user identities. Although software robots cannot be issued a physical token, they can utilize multi-factor login capabilities through the use of a centralized, hardware security module-based authentication system.

View this webinar to learn how Thales TCT’s Luna Credential System integrates with UiPath’s RPA platform to provide hardware-protected PKI credentials for software robots. The session will discuss topics including:

  • An introduction to RPA
  • RPA cryptographic authentication best practices
  • OMB Memo M-19-17 compliance RPA
  • RPA Defense Department Implementation Overview

Watch Now

Historically, organizations have taken a perimeter based approach to cyber security, with the belief that a strong perimeter protected the IT infrastructure behind it. But, as agencies modernize legacy systems and move apps, systems and workloads to the cloud – and more employees, contractors and citizens connect remotely and from multiple devices – something is happening across federal networks; the perimeter is dissolving. Data is the new perimeter. Therefore, identifying and protecting data wherever it is created, shared, or stored, through its entire lifecycle becomes the priority. This digital briefing unveiled the survey results in the 2020 Thales Data Threat Report – Federal and shared best practices in creating a cohesive data security strategy in a perimeterless world. 

Watch Now

Traditional multi-factor authentication introduces roadblocks to technologies like Robotic Process Automation (RPA). The OMB Memo M-19-17 outlines a policy that requires management of digital identities of non-person entities such as software robots. This means that all software robots are required to have individual digital identities and credentials that are managed in the same fashion as traditional user identities. Although software robots cannot be issued a physical token, they can utilize multi-factor login capabilities through the use of a centralized, hardware security module-based authentication system. This video demonstrates how Thales TCT’s Luna Credential System integrates with UiPath’s RPA platform to provide hardware-protected PKI credentials for software robots.

 

CDM overview mapping Thales TCT solutions to specific CDM requirements.

Download Now

The Luna Credential System (LCS) introduces a new, patent pending,  approach to multi-factor authentication by maintaining user credentials in a centralized hardware device that is securely accessible by endpoints in a distributed network. Download our video to learn more about LCS.

 

The Luna Credential System (LCS) introduces a new, patent pending,  approach to multi-factor authentication by maintaining user credentials in a centralized hardware device that is securely accessible by endpoints in a distributed network. Download our infographic to learn more about LCS and how the solution solves identity management challenges.

Download Now

Rob from Thales TCT demonstrates how to configure Apache web server to use Thales TCT's Luna Network HSM to protect the private key for the certificate used by the web server.

 

With cloud and digital initiatives underway throughout U.S. Federal agencies, new attacks occurring daily, and traditional threats, many agencies are struggling to protect critical citizen data, financial information and government secrets. This is especially true as more agencies move applications and sensitive data to the cloud. In this session we’ll address the state of data security in U.S. Federal agencies today, the changing landscape of risks to data, and agency IT security pros priorities for data security today.

Based on the results from the 2020 Thales Data Threat Report – Federal Edition (now in its eighth year), expect to learn about:

• How the adoption of digital transformation technologies, and especially cloud, are putting sensitive data at greater risk
• The data security challenges facing agencies today
• Critical analyst recommendations for how agencies can be most effective when investing in protecting their crown jewels – their sensitive data

Download Now

According to the 2020 Thales Data Threat Report – Federal Government Edition, government is ahead of business with cloud adoption, but cybersecurity remains a challenge. Ahead of global organizations, U.S. federal government agencies have more than half (54%) of their data already stored in the cloud. The report also shows digital transformation (DX) is well underway with 68% of U.S. federal government agencies embedding digital capabilities in the enterprise and aggressively disrupting the services they provide, but this adds to security complexity and creates potential vulnerabilities.

Download Now

Offering the broadest range of multi-factor authentication methods and form factors, Thales TCT facilitates and empowers enterprise-wide security initiatives for maintaining and improving secure access to enterprise resources.

Download Now

Thales Trusted Cyber Technologies’ (TCT) Luna HSMs are the choice for
government agencies when storing, protecting and managing cryptographic
keys used to secure sensitive data and critical applications. Meeting government
mandates for U.S. Supply Chain, the high-assurance, tamper-resistant Thales
TCT’s Luna HSMs are designed, developed, manufactured, sold, and supported
in the United States.

Download Now

The Cybersecurity Maturity Model Certification (CMMC) is the Department of Defense’s (DoD) newest verification mechanism designed to ensure that cybersecurity controls and processes adequately protect Controlled Unclassified Information (CUI) that resides on Defense Industrial Base (DIB) systems and networks. 

With an extensive data security portfolio and compliance mapping methodology, Thales TCT is a key partner in helping organizations achieve CMMC requirements and cybersecurity maturity levels. Our solutions provide a platform for the implementation of cybersecurity controls and institutionalization of cybersecurity practices and processes.

Thales TCT’s data security portfolio consists of data protection solutions that share a common, extensible implementation infrastructure for delivering data-at-rest encryption, enterprise key management, network encryption, authentication, access control, and security intelligence across an organization’s infrastructure. 
 

Download Now

Encrypting PHI wherever possible and reasonable can be one of the most effective approaches for fine tuning your HIPAA compliance efforts. The essence of HIPAA Security Rule compliance is finding and implementing the most reasonable process or control to minimize risks that have been identified and prevent breaches.

Download Now

Federal agencies require a simple way to correlate all security-relevant data so they can manage their security posture. Instead of merely watching events after they occur, agencies should anticipate their occurrence and implement measures to limit vulnerabilities in real time. For that, agencies need an analytics-driven SIEM platform such as Splunk.

However, once data is correlated by SEIM tools, it becomes extremely valuable. By integrating an encryption and key management solution such as Vormetric Data Security Platform with Splunk, agencies can ensure that their operational intelligence is protected from surreptitious attacks.

View this on-demand recording with Thales TCT to learn how to protect Splunk indexes and provide enhanced visibility on the processes and users who are accessing protected data.

Download Now

True data protection extends beyond the core. Agencies need to apply the same level of protection deployed at the core to the cloud and to remote or disconnected environments in the field.

Thales Trusted Cyber Technologies serves as a trusted, U.S. based source for cyber security solutions. We offer a broad selection of security solutions that secure, manage, distribute, and control access to your data and cryptographic keys.

 

Thales Trusted Cyber Technologies, offers a network security solution that provides high-assurance data protection; dedicated encryption devices from 100Mbps to 100Gbps, support for multiple network and protocol configurations, secure key management, and authenticated end-to-end encryption.

During this on-demand webinar, you will have the opportunity to learn about:

  • Thales High Speed Encryption product line
  • High Speed Encryption use cases and network configuration
  • High Speed Encryption enterprise management
  • Transport Independent Mode

Download Now

Jane from Thales TCT demonstrated how to integrate HPE ESL G3 Tape Library with Thales TCT's KeySecure for Government KMIP compliant key manager.

 

Jane from Thales TCT demonstrates how to integrate Red Hat Certificate Authority, part of the Red Hat Certificate System 9.4, with Thales TCT's Luna Network HSM.

 

Thales TCT's CTO, Brent Hansen, shares his insight into taking a data-centric approach to security to enhance an agency's overall security posture and address CDM compliance requirements in his presentation at FCW's CDM Summit. Brent breaks down his decision tree methodology to help agencies validate the points of weakness and the tools available to achieve not only compliance but to provide the highest-level security posture.

 

As technology has evolved, the array of devices, applications and infrastructure have exploded, each providing a specialized type of data, protection or service. Distributed systems handle transactions; security/monitoring infrastructure monitors for  breaches and slowdowns; a myriad of applications make the best use of Web technologies. Each of these elements generate machine data that can be used to provide competitive advantages, gain insights into customer behavior and avoid security or compliance issues.  


This paper examines the use of Splunk as the platform to collect and index machine data from virtually any source, regardless of its location. Then, we will consider how Vormetric can interact seamlessly with the Splunk system to ensure compliance with security policies and regulatory mandates. 

Download Now

Learn how to integrate HPE MSL3040 with KeySecure for Government.

 

Learn how to integrate Microsoft OCSP with Luna HSM for Government.

 

Learn how to integrateHPE Primera Storage Platform Library with KeySecure for Government.

 

Learn how to integrate HPE StoreEver MSL G3 Series Tape Library with KeySecure for Government.

 

As healthcare stakeholders and systems become better connected, the volume of healthcare data created, processed, analyzed and stored is greater than ever. The increased use of HD video – either for collaboration or patient monitoring – is also changing the nature and format of healthcare data.

Download Now

This Insight is designed to help IT decision-makers understand what quantum computing represents for the future of cryptography and how data security practices will need to respond.

Download Now

The cloud provides new capabilities to develop more flexible offerings that are on par with premises-based versions – but at a lower cost and faster time to market. This, in turn, presents new models for government agencies to consider, either to augment or replace their existing data security infrastructure.

Download Now

Supply chain risk management (SCRM) has long been a key element of the manufacturing process, but as technology advances, the risk management challenges go well beyond the world of producing physical products such as hardware. ISO-based standards provide clear guidance on supply chain management, especially for conventional manufacturing, but U.S. Federal Government suppliers need to think more broadly in today’s digital economy.

Download Now

Opportunities for improving efficiencies in the public sector are so great that the adoption of technologies like RPA is being mandated. Not only do IT decision-makers for U.S. Federal agencies need to get up to speed on RPA, but they must also ensure that current levels of data security applied to humans extends to robots as well.

Download Now

At the heart of this for IT is ensuring that the data flowing to and from these “things” can be trusted. IT needs to create security awareness around IoT, especially for protecting data at the network edge. There will soon be too many IoT-enabled network access points for IT to manage, and a data security strategy is needed to protect the integrity of the edge devices, components, endpoints, etc.

Download Now

Once data is encrypted, the only way to gain access is by decrypting or unlocking secret content using the key. Haphazardly protecting these keys negates the entire process of encryption and creates a false sense of security. This white paper outlines best practices for deploying an effective cryptographic key managment strategy.

Download Now

The term Root of Trust (RoT) is commonly used in information security circles, but what does it mean? Why do we care? How does it apply to cryptographic controls? Modern computer systems are incredibly powerful and flexible. They can be molded to accomplish things that were unimaginable a mere decade ago. This same property makes them almost impossible to control and all too easy for malicious actors to find ways to disrupt them. To counter these threats, security experts have resorted to a wide range of cryptographic tools, and for these tools to function they need a trust worthy beginning.

Download Now

The Luna SA for Government uses a comprehensive three-layer authentication and access control model to achieve extremely strong security between the host application processes and the Luna SA for Government’s HSM partitions.This three-layer authentication and access control model was designed to allow the Luna SA for Government to offer network connectivity to clients without sacrificing the security requirements of HSM operations.

Download Now

For agency leaders and IT administrators responsible for data security—from the most basic statistics to highly sensitive documents—understanding the role of encryption and the management of encryption keys is vital to keeping confidential data just that—confidential. And, for organizations that entrust their data to cloud storage, it is essential that they understand the options available for safeguarding this protected data—even if it’s being managed in the cloud by a third-party vendor. This white paper discusses the importance of data encryption, the vulnerabilities of third-party encryption, the necessity of encryption key ownership, and how all of it affects the security of your organization’s data stored in the cloud.

Download Now

Everyone wants their eyes on the data to reduce costs, improve efficiency, develop new products, optimize offerings, and to make smarter, data-driven decisions. To meet these demands, data will need be produced in more places, stored in more places, processed in more places, and ultimately, shared and distributed to more places. As an IT professional, this isn’t new news. You’re living it – and it’s quite the data protection dilemma. The thought of sharing your organization’s sensitive data outside of your brick and mortar location (and outside of your watchful eye) is a growing concern. So how do you find a way to balance critical business needs and requirements, while protecting your data from malicious threats?

Download Now

This White Paper describes the comparative security and performance benefits of Ethernet WAN data security solutions. We compare the benefits of SafeNet Layer 2 high speed encryption hardware with integrated encryption using MACsec or TrustSec.

Download Now

So, you need to encrypt your sensitive data? Your data is in high demand, and you know it needs data-centric protection. With so many encryption options available, how do you find the right solution to protect your organization's sensitive data?

Download Now

As the old saying goes, “loose lips sink ships”. For today’s enterprises, it is network metadata doing the talking—and a lot of potentially dangerous entities are listening. This paper looks at the risks that metadata can pose to many organizations, and it reveals how transmission security can be used to create a safeguard against nefarious network traffic analysis.

Download Now

There are several challenges impeding adoption across federal agencies of PIV for privileged user access. Primarily, the time and cost required to migrate to PIV-enabled technologies for privileged user accounts can be unmanageable in the intermediate term. Pursuing technologies that support PIV-enablement of privileged user accounts is an evolutionary process and requires significant investment as systems are updated, replaced, or migrated. In many cases, this isn’t practical for legacy systems. Download this White Paper to learn why authenticators are proven and practical alternative to PIV.

Download Now

Acknowledging that cyber security is a monumental task, CDM has taken a structured approach by defining four phases that enable agencies to fold in different aspects of cyber security over time. The program begins with dashboards at both the federal and the agency/department level. The program then deploys sensors throughout the network infrastructure that address different strategic questions associated with network security.

Download Now

The Cloud First initiative is now a reality—civilian and defense agencies are being asked to default to cloud-based solutions when possible. In order to facilitate the transition to the cloud, the Federal Government has implemented the government-wide Federal Risk and Authorization Management Program (FedRAMP) to provide a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

Download Now

For US law enforcement agencies, complying with the Criminal Justice Information Services Security Policy (CJIS-SP) is an imperative requirement. However, it’s also critical to ensure that the security mechanisms employed don’t in any way impede staff in fulfilling the agencies’ chief charter: fighting crime. This paper examines data-in-transit encryption, which is an important component of CJIS-SP requirements. It offers a number of insights into the approaches that can help organizations address data-in-transit encryption policies most efficiently and effectively—while ensuring that investigators and other users always get reliable, timely access to the information they need to do their jobs.

Download Now

From medical records to insurance forms to prescription services, the healthcare industry has become a networked environment— allowing patient information to be shared and managed by a variety of parties and from a number of endpoints, each with their own level of security for protecting that information. 

Download Now

As healthcare stakeholders and systems become better connected, the volume of healthcare data created, processed, analyzed and stored is greater than ever. The increased use of HD video – either for collaboration or patient monitoring – is also changing the nature and format of healthcare data.

Download Now

While HITECH provides ample incentives for healthcare organizations to employ EHR systems, it also builds on HIPAA to provide more stringent security and privacy rules. Therefore, healthcare organizations that leverage EHR systems must also ensure regulated information is consistently and effectively safeguarded—and do so for as long as that data must be retained, which can be decades in many cases. This paper reveals a key vulnerability that is prevalent in many organizations that have adopted EHR: regulated data held in digital storage systems. The paper also reveals how solutions offered by SafeNet Assured Technologies can help secure this critical area in the healthcare organization’s infrastructure.

Download Now

This Industry Insight highlights three best practices for IT to focus on for data security. Incorporating the cloud into your Big Data strategy requires a more comprehensive approach, and the starting point is to recognize the need for IT to adopt a security posture that is aligned with cloud-based technologies. The following three responses will help set that alignment, after which the direction for your longer path will be clearer.

Download Now

Attendees of this webcast learned how to easily secure data in a virtual environment through encryption in order to:

  • Ensure compliance with regulations and security policies
  • Protect directory services and intellectual property
  • Secure data in disaster recovery sites

Download Now

Attendees of this SafeNet Assured Technologies, Carahsoft, Emergent and V3Gate webinar learned how to apply the Encrypt Everything philosophy to protect PHI data. We broke down the HIPAA mandate and taught participants how to implement best practices to address key regulations, such as:

  • Workforce and workplace security
  • Information access management
  • Contingency plans
  • Personal and entity authentication 
  • Transmission security 

Download Now

Attendees of this webcast learned about next generation authentication methods that provide secure access to networks and applications from a variety of devices while ensuring compliance. We also discussed:

  • FISMA Compliance & Electronic Authentication Guidelines
  • HSPD-12 Compliance & PIV Derived Credentials for Remote Identity Populations

Download Now

Cipher Summit 2019 Replay

Check out the on demand videos and presentations from the event. Download Now

This site uses cookies to store information on your computer. Some are essential to make our site work properly; others help us improve the user experience.

By using the site, you consent to the placement of these cookies. For more information, read our cookie policy and our privacy policy.

Accept