Military Grade Identity and Access Management with CAC Cards

In a recent article by John Edwards at C4ISRnet.com, the author describes a new IAM strategy by the Defense Department, “to develop an enterprise architecture giving military personnel unique IP addresses, enabling users to connect into a network anywhere in the world and retrieve their data reliably and securely.”

For the US Military that includes incorporating a system that issues each soldier and sailor a unique common access cards (CAC) almost like a modern day dog tag that “forces a two-factor authentication with a hard-coded identity certificate bound to the card and a PIN”, according to Jack Miles, a senior systems engineer at Centrify – one of the leading IAM solution providers.

According the the article, “The key to creating such an environment is identity and access management (IAM) technology, which needs to be both strong and usable to allow personnel to work securely and effectively.” Mr. Miles said the DoD is currently doing everything it can to eliminate single sign-on IDs and passwords, which are vulnerable to theft and cracking. “Ideally, a soldier would come to work — even if in theater — insert their CAC, enter their PIN and have access to all the resources with the specific authorization level required for their role,” he said. “One login, all resources, all the time.”

Conversely, the article delvesin the the critical limitation of CAC technology, “particularly in tactical-edge environments, where card readers can be scarce or difficult to use.” For more on that and to read the entire piece click over from here.

https://www.c4isrnet.com/article/20140829/C4ISRNET14/308150015/ID-access-management-required-enterprise-architecture