The National Institute of Standards and Technology (NIST) released Special Publication 800-171 pertaining to all DoD and Federal contractors with access to Controlled Unclassified Information (CUI). The publication encompasses the protection of sensitive federal information and (CUI) in nonfederal information systems and organizations. The Defense Federal Acquisition Regulation Supplement (DFARS) set the deadline of the NIST 800-171 compliance by December 31st 2017.
Tx Systems provides Identity, Authentication and Access Control solutions that are sufficient with NIST SP 800-171 to the highest level of Federal Government standards.
3.5.1 Identify information system users, processes acting on behalf of users, or devices.
3.5.2 Authenticate (or verify) the identities of those users, processes, or devices, as a prerequisite to allowing access to organizational information systems.
3.5.3 Use multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts.
In order to satisfy the multi factor authentication and logical access requirements, organizations can implement HID’s ActivID CMS for Windows Logon, Email Encryption and Digital Signing of Documents. Millions of DoD and Federal employees use ActivID CMS which satisfies a multitude of the basic and derived security requirements.
For Access Control and physical protection of assets, Tx Systems can specify and provide physical access control systems from Hirsch Electronics, the DoD’s gold standard of access control. In addition, Tx Systems carries complete physical access systems from HID Global such as Visitor and Contractor Management by Quantum Secure. By implementing these solutions, you can rest assured that your organization complies with the following 3 main portions of NIST SP 800-171:
- Physical and Logical Access Control
- Identification and Authentication
- System and Communication Protection
More information regarding the specific requirements for the different information types can be found in the NIST publication. Tx Systems offers a variety of security solutions that can help your company meet those requirements. Contact us at through txsystems.com or send us an email at firstname.lastname@example.org to learn more.
HID Global has announced the release of their latest security solution for Identity and Access Management called HID Approve. As a Value Add Distributor for HID Global, Tx Systems is currently supporting the HID Approve solution in all stages from pre-sales support and qualification to final deployment and ongoing maintenance/support.
HID Approve is a next generation mobile two-factor authentication solution that leverages Push Notifications on all mobile platforms to either Approve or Deny login requests from any number of authentication portals. Whether you are a banking institution wanting to increase login security of your customers, or an enterprise looking to secure network authentication from both inside and outside of the firewall, HID Approve is a fantastic choice to increase identity assurance with a sleek user experience and a friction-less deployment process.
How it works:
HID Approve is powered by the HID Authentication Server which can be deployed as either a hardware or virtual appliance. When the Authentication Server is in place, users simply download the HID Approve app on either Android or iOS and register the app using their user credentials which will link them to the organization’s authentication server. The registration process is made simpler by allowing the user to scan a QR code on the organization’s login screen to connect their device to their existing account. With just a few simple steps, a user can be enrolled into the system and using the HID Approve solution for added logon security.
This solution is also extremely customizable in its aesthetic capabilities. Made with corporate branding in mind, HID Approve allows companies to change the look of the app to include corporate colors and company logos within the app to make it look like an in-house solution. For more information on how HID Approve can increase your authentication security and company profile, please contact us.
-Eric Gregg, Director of Sales
The Problem: Organizations need to manage identities and control access across a multitude of systems and sites for employees, contractors, service providers and visitors with varying access needs. Trying to on/off- board these individuals with unique security requirements, and provision/de-provision their credentials, becomes a resource-exhausting process with a high degree of risk from human error.
The Solution: SAFE PIAM is a web-based solution automating everything from HR-LDAP on/off-boarding to credential provisioning for access control, security compliance and audit initiatives. Quantum Secure’s SAFE software suite provides a single, fully inter-operable and integrated physical security policy platform to manage secure identities, compliance and operational analytics across multiple sites and systems. This is accomplished through SAFE’s policy engine which authorizes levels of access based on criteria’s such as certifications, training, clearance and more that are continuously updated in real-time. SAFE accomplishes risk management with their best practices by authorizing only the lowest level of access an individual needs to accomplish their duties.
Quantum Secure, part of HID Global integrates with credential management systems like ActivID CMS and IDMS. Quantum Secure automatically provisions or revokes digital certificates to ensure synchronized and policy-based on/off-boarding of individuals and their physical access. SAFE is a unique solution for organizations and government agencies that need a high level of security and compliance across their operations. SAFE is fully compliant with regulations pertinent to your business such as NERC-CIP, HIPAA, FICAM, BASEL-II, CFATS and SP 800-171.
If you have any further needs in these areas you can contact us at http://txsystems.com/contact.html
Apple has finally decided to open up its NFC chip for developers in iOS 11, which may turn out to be the biggest event in the NFC industry since the introduction of the Near NDEF format (NFC Data Exchange Format). The iOS 11 is the latest version of Apple’s operating system for iPhone and iPad which includes support for NFC tag reading. The iPhone 7 and every iPhone after will include the new Core NFC update on iOS 11. However, members who sign up for the Apple Beta Software Program can now access the new NFC features in the pre-release edition of iOS 11. Initially, Apple utilized their NFC chip solely for Apple Pay, but with Apple’s decision to open the iPhone NFC chip in iOS 11, there are tremendous new possibilities for iPhone users. This ranges from in-store product information on a tag to connecting users to maps in real time. According Strategy Analytics, “Apple reported selling 78.3 million iPhones in Q4 of 2016” (Mawston, 2017).
According to Apple, Core NFC will allow apps to read near field communication tags that are compatible with NFC Data Exchange Format (NDEF). You can learn more about developing apps supporting NFC from Apple’s Core NFC Documentation. NFC tags provide many advantages to engage people through radio frequency technology and enable further engagement with customers by connecting them directly to your company through the tap of their phone. For example, NFC can provide direct access to your social media accounts, website, smart labels/posters, and advertisements. Companies can use NFC tags in their products to have a direct relationship with consumers at the time of purchase or usage regardless of where the product was bought. Investing in NFC Tag technology can differentiate your products from others with an interactive brand experience that can also be used as an anti-counterfeiting mechanism ensuring your product is authentic.
Tx Systems offers a variety of ready-to-use NFC tags that are based on ISO/IEC 14443 standard and NFC Forum-compliant tag types 1-4. We are a premier NFC provider working with our partners such as Identiv to provide NFC tags and NFC readers that can further promote your business.
Cyber security has become a top concern for organizations worldwide, recently highlighted by the WannaCry ransomware that crippled hospitals, universities and businesses. Since a multitude of powerful Windows hacking tools have been released on the dark web, experts fear more impending cyber attacks and data breaches. The best way to prevent suffering from cyber attacks and compromising electronic health records is to have a robust 2-factor authentication system in place utilizing Public Key Infrastructure (PKI). PKI serves your organization through secure Windows Logon, VPN/remote authentication, email encryption and digitally signing documents.
Hospitals and healthcare providers should have 2-factor authentication implemented to comply with the HIPAA mandate for electronic protected healthcare information. 2-Factor Authentication is the proven method to secure devices, electronic health records (eHR) and medical systems. 2 factor authentication is not only mandated for HIPAA but also for practitioners and pharmacies issuing electronic prescriptions for controlled substances (EPCS). According to Title 21 Code of Federal regulations, there must be 2-factor authentication utilizing DEA approved certificates and FIPS 140-2 certified devices to digitally sign electronic prescriptions of controlled substances. Tx Systems has complete solutions for EPCS from clinician to pharmacy including Identity Proofing from our certificate authority partner Identrust part of HID Global.
As part of PKI, users have a credential that normally comes in a smart card or token form factor where a private key in addition to a digital certificate are stored. Tx Systems specializes in implementing smart card solutions that leverage ID badges for secure door and computer access. To enable PKI authentication, small companies can implement a standalone PKI card or a credential management system for medium to large organizations such as ActivID CMS that manages the entire credentials lifecycle. For more info on PKI solutions you can implement at your organization please contact us through the link below.
Click here to contact us.
The wait is finally over! The Otterbox uniVERSE case for iPhone/iPad and the Identiv iAuthenticate 2.0 mobile smart card reader attachment are now available for pre-order through Tx Systems and is scheduled for release mid-2017.
The iAuthenticate 2.0 is the successor to the widely used iAuthenticate mobile CAC/PIV smart card reader for Apple iPhone and iPad. The new partnership with Otterbox will ensure that customers using this mobile reader will receive the best quality phone protection in addition to the smart card authentication functionality that customers have come to expect from Identiv. For more info, please see the datasheet or contact sales.
While the US has adopted EMV chip card standards to decrease credit/debit card fraud, the problem of card-not-present fraud has compounded. There is a clear need to decrease card-not-present fraud by implementing EMV smart card readers at home for online shopping and banking. This will empower consumers by providing secure card transactions while shopping online and 2 factor authentication by signing in to your online banking.
According to a 2016 CNP Consumer Impact Study, 78% of online shoppers want more protection for their payment card when shopping online. The same study reports that 67% of consumers are willing to adopt a new behavior or process in order to increase their security when shopping online.
As e-commerce’s growth steadily parallels the rate of credit and debit card fraud, there is a significant demand from consumers for added transaction security. Tx Systems is a premiere smart card reader solutions provider working in conjunction with our partners such as Identiv to provide answers to these issues.