Electrosoft experts helped develop FIPS 201, the standard for the PIV card. We also co-authored many of the PIV-related technical guidelines including NIST SP 800-73, 800-79, 800-85A&B, 800-116, 800-156, 800-157, and 800-166. Since 2006, we have supported many federal agencies’ efforts to architect and build FIPS 201‒compliant HSPD-12 programs and PIV issuance capabilities. We continue to help agencies sustain and mature these programs.

Electrosoft operates the FIPS 201 Evaluation Program Laboratory, testing a variety of ICAM products for compliance with federal policy. We maintain the FIPS 201 Approved Products List (APL) and develop ICAM playbooks to assist federal agencies in understanding and implementing policies and best practices.

Our ZTA roadmap development efforts assure agencies comply with OMB, Department of Homeland Security, Cybersecurity and Infrastructure Security Agency, and Department of Defense guidance. Our growing expertise in ZTA uniquely qualifies us to help agencies understand, architect, and fully implement ZTA identity pillar requirements employing available technology and best practices.

With cyber criminals constantly seeking unauthorized access to federal systems and networks, user/device verification is essential. Electrosoft knows well the requirements governing federal digital authentication solutions. In fact, we co-authored two major governing documents: NIST SP 800-63-4 (digital identity services) and 800-157 (derived PIV credentials).

We architect and implement both modern authentication solutions (FIDO and FIDO2) and traditional options (X.509v3 digital certificates, passwords, single and multifactor hardware authenticators, and one-time password solutions). We develop and implement enterprise ICAM platforms that support strong cloud-based authentication using a multitude of authenticators, identity federation, and single sign on capabilities. Our experience even extends to solutions that monitor and manage the appropriate level of access privileges for standard as well as privileged users.

Our digital identity solutions support:

• Reduced credential management cost
• Increased identity assurance
• Secure information sharing beyond organizational boundaries
• Greater accessibility of user attributes for authorization decisions
• Simplified log-in experience

The Federal Identity, Credential and Access Management (FICAM) roadmap documents the intersection and interdependence of digital identities, credentials, and access control in a comprehensive management approach. Electrosoft’s logical and physical access system expertise enables us to assist customers in understanding the associated integration and configuration challenges and employ not just the best commercial products and data models but also develop and implement sound access policies, standardized naming conventions, and distributed provisioning/deprovisioning capabilities.   

Electrosoft’s LACS and PACS implementations assure consistent, higher-level assurance identity authentication and policy-based access control across an enterprise. In addition, they provide increased protection over personally identifiable information (PII) and ease of user access management.