IdenTrust Inc. Logo
Home | My Account | Contact Us  

BEFORE YOU BUY CERTIFICATE CENTER AFTER YOU BUY TRUSTID ACES ECA
Safeguarding of Sensitive and Unclassified DOD Information

Cyber theft of DOD program information from defense contractors’ unclassified computer networks puts the U.S. military’s technological advantage at risk. Theft of information pertaining to DOD capability development can allow adversaries to bypass costly and lengthy research and development cycles, and/or understand enough about U.S. military technology to develop countermeasures.

Best practices to mitigate the risk of information theft are to implement commensurate information security controls such as logical access controls, audit and accountability controls, configuration management controls, physical access controls and increasingly controls to encrypt data at rest and in transit to protect sensitive information from theft. It is critical that all DOD contractors implement best practice information security controls to mitigate the risk of information theft.

Recognizing the need to ensure contractors implement best practice controls, the DOD developed new policy to mitigate this risk by including new clauses in the Defense Federal Acquisition Regulation Supplement (DFARS). The new DFARS clauses require Enhanced Safeguarding of Unclassified DOD Information mandating the use of specific NIST SP800-53 controls and are currently in the final rulemaking stage.

While most of the required security controls represent best practices already in place within most contractor organizations, many contractors do not today implement controls to protect transmitted information. The new DFARS clauses specifically require the use of cryptographic mechanisms to prevent unauthorized disclosure of information during transmission for many types of unclassified DOD information.

IdenTrust Solution for Safeguarding of Sensitive and Unclassified DOD Information

IdenTrust is an approved provider of DOD ECA (External Certificate Authority) certificates that can be used to enable cryptographic protection of transmitted data.

DOD ECA Certificates from IdenTrust are individually issued digital identity credentials intended for the DOD contractor community. DOD contractors can use these credential to:

Meet DFARS requirements for Safeguarding of Unclassified DOD Information
arrow Digitally Sign and Encrypt email or documents
arrow Ensure only intended recipient(s) can decrypt transmitted data
arrow Ensure integrity of encrypted information (meaning it has not changed since encryption)
arrow Ensure the identity of the sender of information
Authenticate and establish your identity when accessing a protected DOD or DOD contractor system

In addition to meeting DFARS requirements and providing authentication to DOD systems, ECA Certificates provide many other benefits, including reducing risk from loss of reputation, reducing audit and compliance risk, reducing risk of industrial espionage and more.

IdenTrust has developed a full educational program to help contractors understand how using IdenTrust-issued ECA certificates will enable them to implement "Best Practice" DFARS required controls for Safeguarding of Unclassified DOD Information and how to achieve other benefits from their ECA Certificates.

To learn more about our educational webinars, please contact ecasales@IdenTrust.com, or call 866.299.3335.



ECA INQUIRIES
888.882.1104
Helpdesk@IdenTrust.com
ECAsales@IdenTrust.com
M-F, 6am-6pm MST

DODI Video

ECA CERTIFICATE PRICING

HOW TO BUY
ECA Medium Assurance
ECA Medium Assurance Foreign Country
ECA Medium Token Assurance Foreign Country
ECA Medium Token
ECA Medium Hardware Assurance
ECA Medium Device Assurance SSL/TLS
ECA Foreign Countries Supported

LIST OF GOVT AGENCIES

AFTER YOU BUY
ECA Application Enablement FAQ
Request Key Recovery
Revoke Certificate
Root Certificate Downloads

RELATED CONTENT
BUY ECA
Instructions for Applicant
Locations for IdenTrust Identity Verification
ECA Identity Verification
ECA Medium Assurance Token Assurance forms instruction
ECA Medium Hardware forms instruction
ECA Foreign Subscribers forms instruction
Accepted IDs for ECA
ECA Forms and Policies
ECA FAQs
Security of Unclassified DoD Information on Non-DoD Information Systems
Who can sign the Part 2 form

OTHER
ECA Digital Certificates
ECA Trusted Correspondent Program
How To Become a Trusted Correspondent
IdenTrust, Inc. BBB Business Review WebTrust WebTrust Baseline EHNAC EHNAC GSA Schedule SOC We self-certify compliance with

© IdenTrust, Inc. All Rights Reserved.    Home | Contact Us | Legal Policies Follow us: Follow IdenTrust on Twitter