February 28, 2017 (Press Release) – HERNDON, Va.–Exostar, whose cloud-based solutions help companies in aerospace and defense, life sciences, and healthcare mitigate risk and solve their identity and access challenges, today announced it has augmented its enterprise collaboration solution to provide off-the-shelf compliance with the latest Government cybersecurity standards. Defense contractors and their subcontractors, suppliers, partners, and customers can use the multi-tenant, Software-as-a-Service solution to share documents containing covered defense information (CDI) with one another in accordance with Department of Defense (DoD) directives for local and network access.
These directives are an essential element of the 110 security controls identified in the recently-revised National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, which is incorporated by reference into the DoD’s Defense Federal Acquisition Regulations Supplement (DFARS) provision 252.204-7012. The provision defines how contractors and their geographically-distributed, multi-tiered supply chains must safeguard CDI from compromise. Failure to meet the provision by its deadline later this year will affect current and future contract awards.
Exostar’s defense community of over 130,000 organizations immediately can take advantage of a seamless, straightforward, cost-effective path to compliance. Current and future community members benefit from features that deliver a compelling user experience and align with the NIST/DFARS cybersecurity requirements, including:
- Web-based Single Sign-On (SSO) access through Exostar’s identity and access management platform, following completion of onboarding, identity proofing, and credentialing processes conducted by Exostar.
- Multi-Factor Authentication (MFA), where individuals must present trusted credentials for verification each time they initiate a session within the enterprise collaboration solution or each time they access a local copy of a document. Individuals who fail to present a valid credential when challenged are denied access on-the-spot.
- Digital Rights Management (DRM) that encrypts documents at-rest on the local device, only decrypting and opening them following a real-time check of document policies and user permissions. When documents are updated or access permissions are modified, the changes are enforced immediately and cascade to every copy of the document regardless of where it is stored, supporting stringent access, version, and distribution control.
“Encryption of documents at-rest in databases and in-transit between parties is insufficient in a sophisticated cyber threat landscape. The DFARS provision and NIST SP 800-171 standard reflect the need for protection to extend beyond systems and networks to local devices such as laptops, tablets, mobile phones, and USBs,” said Doug Russell, Exostar’s Vice President of Business Solutions. “Defense contractors large and small need an intuitive, high-performance, compliant solution to meet their internal and external collaboration needs, and that’s precisely what we deliver.”
Leading domestic and global defense contractors including Northrop Grumman, Huntington Ingalls Industries, Airbus North America, Rolls-Royce, and BAE Systems have relied on Exostar’s proven enterprise collaboration solution for nearly a decade. Today, the solution is hosted in US and UK data centers, supporting the secure intra- and inter-enterprise collaboration endeavors of over 50,000 users in 60 countries worldwide.
Attend the 3/7 Webinar with Baker Tilly to learn about DFARS/NIST 800-171 requirements and how to identify gaps/ensure readiness for compliance.
Exostar’s cloud-based solutions help companies in highly-regulated industries mitigate risk and solve identity and access challenges. Nearly 150,000 organizations leverage Exostar to help them collaborate securely, efficiently, and compliantly with their partners and suppliers. By offering connect-once, single sign-on access, Exostar strengthens security, reduces expenditures, and raises productivity so customers can better meet contractual, regulatory, and time-to-market objectives. www.exostar.com.
PALO ALTO, Calif. & STOCKHOLM - June 25, 2018 --(BUSINESS WIRE)--Yubico, the leading provider of hardware authentication security keys, today announced the certification and availability of the YubiKey FIPS Series, a new product line that meets the stringent cryptographic security
SUFFOLK, Va., March 1, 2017 /PRNewswire/ -- Sera-Brynn, LLC, a top-ranked cybersecurity firm, today urged the Department of Defense (DoD) contracting community to immediately begin implementing the cybersecurity requirements mandated by the Defense Federal Acquisition Regulation Supplement (DFARS). Finalized in October 2016, the regulations
HERNDON, VA, December 7, 2017 – Exostar, whose cloud-based solutions help companies in aerospace and defense, life sciences, and healthcare collaborate securely with their partners, today announced the general availability of a new option for multifactor authentication. Exostar Mobile ID is
HERNDON, Va. --Exostar, whose cloud-based solutions help companies in aerospace and defense, life sciences, and healthcare collaborate securely with their partners, today announced the general availability of a new option for multifactor authentication (MFA). Exostar Mobile ID is a smartphone or
Lazarus Alliance Uses IT Audit Machine GRC Solution to Perform DFARS NIST 800-171 Audits More Efficiently
Scottsdale, AZ, October 24, 2017 (Newswire.com) - Lazarus Alliance, a leading cyber security governance, risk, and compliance (GRC) firm, is utilizing Continuum GRC’s IT Audit Machine (ITAM) GRC to perform DFARS NIST 800-71 audits for its clients. U.S. Department of Defense contractors have
SPYRUS, Inc. Security Products to Meet DFARS 252.204-7012 Deadline for the Protection of Controlled Unclassified Information (CUI)
SAN JOSE, CA--(Marketwired - Oct 16, 2017) - SPYRUS, Inc. today announced the immediate availability of SPYRUS® security products supporting the December 31, 2017 DFARS Clause 252.204-7012 deadline for "Safeguarding Covered Defense Information and Cyber Incident Reporting." Recent guidance from