Axiad, a leading provider of organization-wide passwordless orchestration, today announced a new Unified Credential Management System (UCMS) package called Passwordless for Air Gapped and Critical Environments to meet the phishing-resistant requirements of The White House Executive Order (EO) 14028. This package brings passwordless authentication and end user self-service capabilities to air gapped and critical infrastructure environments that integrate Microsoft Security solutions. Overall, the package helps government agencies as well as critical infrastructure and defense industrial base (DIB) organizations maximize security and end-user acceptance and minimize security overhead.
In the United States, critical infrastructure systems continue to be a top target for cybercriminals. In fact, Microsoft reported that critical infrastructure cyberattacks doubled in 2022 from 20% to 40% of nation-state-sponsored attacks. Because of this, the U.S. government, via EO 14028 on improving the nation’s cybersecurity, has mandated security measures, including strong passwordless multi-factor authentication (MFA), for government agencies and is strongly recommending the use of this technology for critical infrastructure.
In response to this growing need, Axiad’s Passwordless for Air Gapped and Critical Environments provides a seamless way for organizations to integrate government-grade, phishing-resistant passwordless authentication as well as key functional and operational support into on-premises air gapped environments.
The new package provides full interoperation with a range of Microsoft products – including Microsoft Active Directory Federation Services and Microsoft Certificate Authority – to ensure authentication is highly secure and consistent and customers get maximum value out of their existing environments. Additionally, it provides credential management and self-service credential enrollment and account recovery (CEAR), which are critical capabilities due to the high costs or the complete lack of on-site IT support in air gapped environments.
“Organizations with air gapped and critical infrastructure environments need passwordless authentication and a range of physical and platform authenticators to help prevent cyber-attacks,” said Jerome Becquart, chief operating officer at Axiad. “With this new package, Axiad is the first company to provide all these elements plus the critical missing ingredient – self-service authentication management, including enrollment and account recovery – and bring them to the on-premises Microsoft ecosystem.”
Axiad’s Passwordless for Air Gapped and Critical Environments provides the following unique capabilities:
- Strong Authentication: The package provides government-grade FIPS 140 validated passwordless authentication with the flexibility needed to accommodate the full range of needs of employees, contractors, vendors and suppliers. For example, it offers a range of passwordless options, including both physical (YubiKeys, smart cards, PIV cards, USB keys, etc.) and platform (virtual smart cards).
- Powerful Self-Service Capabilities: Axiad AirLock, which provides help desk automation by eliminating temporary passwords, provides self-service credential enrollment, and Axiad MyCircle provides self-service account recovery within a trusted circle of colleagues rather than waiting for the help desk to respond – both of which help to increase operational efficiencies for frontline workers and reduce IT costs.
- Ready Implementation: The package’s architecture is made to operate in air gapped environments and to seamlessly interoperate with existing authentication and infrastructure investments without requiring upgrades. This package fully leverages and extends the life of Microsoft authentication (e.g., Microsoft Active Directory) and infrastructure (e.g., Microsoft Windows Server) investments.
“Axiad’s integration with Microsoft empowers critical infrastructure, government and defense industrial base to easily upgrade their existing Microsoft on-premises infrastructure to become passwordless,” said Ehud Itshaki, principal product manager at Microsoft. “With phishing-resistant, passwordless authentication, they can enhance their security posture and comply with the recent EO mandating phishing-resistant MFA – all while getting more out of their existing Microsoft authentication and infrastructure investments.”