PKI coming to the Army

The Army started implementing a servicewide program this month that will require employees to use public-key infrastructure (PKI) technologies to log on to the military’s unclassified network.

The Army’s Common Access Card (CAC) Cryptographic Logon uses a special identification card and a personal identification number to access the Non-secure IP Router Network (NIPRNET). The service plans to have 10,000 workers at Army headquarters using PKI by March and all employees by this summer, according to a Jan. 25 Army statement.

“One of the greatest vulnerabilities of our networks is posed by weak user names and passwords,” said Lt. Gen. Steven Boutelle, the Army’s chief information officer. CACs use electronic information and digital PKI certificates to verify users’ identities.

Boutelle said spyware or keystroke-tracking software can steal user names, passwords

and PINs, but he said they cannot steal CACs. The Army plans to stop using user names and passwords to access the military’s networks and will eventually require CAC log-on for Army Knowledge Online, the service’s portal, Boutelle said.

Last month, the CIOs at the military’s major commands wanted to require workers to use PKI technologies instead of user names and passwords to log on to the NIPRNET. The Army said the Joint Task Force Global Network Operations, the organization that manages and defends the military’s networks, started accelerating PKI use throughout the Defense Department.

Since 2003, nation-states including China, crime gangs and hackers have increasingly tried to penetrate DOD networks, sometimes successfully. They are motivated to steal U.S. military secrets and slow DOD networks.

Featured

  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.