PKI coming to the Army

The Army started implementing a servicewide program this month that will require employees to use public-key infrastructure (PKI) technologies to log on to the military’s unclassified network.

The Army’s Common Access Card (CAC) Cryptographic Logon uses a special identification card and a personal identification number to access the Non-secure IP Router Network (NIPRNET). The service plans to have 10,000 workers at Army headquarters using PKI by March and all employees by this summer, according to a Jan. 25 Army statement.

“One of the greatest vulnerabilities of our networks is posed by weak user names and passwords,” said Lt. Gen. Steven Boutelle, the Army’s chief information officer. CACs use electronic information and digital PKI certificates to verify users’ identities.

Boutelle said spyware or keystroke-tracking software can steal user names, passwords

and PINs, but he said they cannot steal CACs. The Army plans to stop using user names and passwords to access the military’s networks and will eventually require CAC log-on for Army Knowledge Online, the service’s portal, Boutelle said.

Last month, the CIOs at the military’s major commands wanted to require workers to use PKI technologies instead of user names and passwords to log on to the NIPRNET. The Army said the Joint Task Force Global Network Operations, the organization that manages and defends the military’s networks, started accelerating PKI use throughout the Defense Department.

Since 2003, nation-states including China, crime gangs and hackers have increasingly tried to penetrate DOD networks, sometimes successfully. They are motivated to steal U.S. military secrets and slow DOD networks.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.