Entrust in the News
Off the Wire

Entrust, GSA Ink $4.5 Million Hosted PKI Agreement to Secure Smartcard Credentials, Meet HSPD-12 Requirements

Hosted PKI win continues Entrust’s credentialing leadership in government environments

DALLAS, Nov. 16, 2011 /PRNewswire/ — Building on a strong, successful relationship with the U.S. government, the U.S. General Services Administration (GSA) has awarded Entrust Inc. a four-year, $4.5 million contract to continue providing hosted PKI services and digital certificates as the security infrastructure for Homeland Security Presidential Directive 12 (HSPD-12) initiatives. An incumbent in the re-compete proposal, Entrust has provided managed public key infrastructure (PKI) solutions and services for the GSA’s credentialing program since 2007.

“PKI technology is core to securing U.S. federal identities and Entrust is proud to continue the GSA partnership and serve as a key security expert for their large-scale credentialing program,” said Entrust President and CEO Bill Conner. “In just four years, Entrust’s PKI has protected the digital identities of more than 500,000 U.S. federal employees — a task critical to the overall security of the country.”

Distributed through the GSA’s USAccess program, Entrust provides authenticated credentials to federal employees and contractors at more than 90 government agencies. While specific uses vary, most leverage the smartcard-based credentials, coupled with PKI digital certificates, for physical access to secure government facilities and logical access to protected desktops and networks.

In 2007, as part of a six-member team, Entrust Inc. was subcontracted a portion of the GSA’s $66.3 million contract, which was awarded to Texas-based Electronic Data Systems (now HP Enterprise Solutions) to lead the HSPD-12 managed-service offering. Entrust’s new contract is directly from the GSA, adding more flexibility to the services provided to the U.S. government.

Entrust now provides Personal Identity Verification (PIV) services to federal employees and contractors and Personal Identity Verification Interoperable (PIV-I) certificates to organizations who want their certificates trusted by the federal government. In addition to user certificates, the new contract enables Entrust to provide machine and device certificates to the federal government, contractors and business partners.

“As technology has evolved, the GSA realized digital certificates were required to not only identify and authenticate users, but machines and devices as well,” said Conner. “The new contract recognizes this technology shift and allows the GSA to use the full power of a hosted PKI to verify the identity of any person, machine or device that attempts to gain access to a secure environment.”

Entrust Managed Services PKI provides digital certificates to the federal government under the Shared Service Provider (SSP) program. Entrust Managed Services PKI is designed to meet U.S. Federal Common Policy and standards requirements while providing the same high level of technology and services that have positioned Entrust as a leader in PKI.

The PKI framework automates the management of digital certificates that are used by individuals, applications and devices. This helps enable security services such as strong authentication, integrity of digitally signed data, physical access to buildings and facilities, and the protection of encrypted data to an organization using public-key cryptography.

The Shared Service Provider program was established under the Federal Identity Credentialing Committee (FICC) and Federal PKI Policy Authority to give U.S. federal departments and agencies a method to access PKI services while leveraging previous government investments.

Entrust Managed Services PKI offers PIV authentication certificates as well as certificates for digital signatures, encryption and card authentication. The service provides the management functions that have set Entrust apart from other vendors in the market including high availability, disaster recovery, automated failover and network protection.

Additional benefits of Entrust’s PKI service include intrusion protection, antivirus for the certification authority (CA) services, denial of service protections and archival of CA data. The latter includes advanced key recovery that provides a secure, long-term per-operator policy to control which administrators can recover users, which users can be recovered by whom, and whether multiple authorizations are required to initiate key recovery.

On August 27, 2004, the White House issued HSPD-12 in order to establish more uniform standards for issuing government identity credentials. HSPD-12 applies to all government employees and contractors and governs physical (facility) and logical (systems) access. The primary goals of HSPD-12 are to enhance security against potential terrorist threats and reduce identity fraud. The initiative also intends to increase government efficiency through standardization while protecting the personal privacy of individuals.

About Entrust

A trusted provider of identity-based security solutions, Entrust empowers enterprises, governments, financial institutions, citizens and websites in more than 4,000 organizations spanning 60 countries. Entrust’s customer-centric focus is the foundation to delivering organizations an unmatched level of security, trust and value. For strong authentication, credentialing, physical and logical access, mobile security, digital certificates, SSL and PKI, call 888-690-2424, email entrust@entrust.com or visit www.entrust.com. Let’s talk.

Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries. In Canada, Entrust is a registered trademark of Entrust Limited. All Entrust product names are trademarks or registered trademarks of Entrust, Inc. or Entrust Limited. All other company and product names are trademarks or registered trademarks of their respective owners.

SOURCE Entrust