DFARS / NIST 800-171 COMPLIANCE ACCESS CONTROL SYSTEM

Effortlessly meet complex compliance requirements.

AUTOMATED COMPLIANCE

Automated access control, accountability, auditing, and authentication.

Role-based access control for organizations that require an elevated focus on security while maintaining ease of usability. The National Institute of Standards and Technology (NIST) and the Defense Federal Acquisition Regulation Supplement (DFARS) now require baseline security controls including access control and password strengths.

Limit information system access to authorized users

Simple and instant multi-factor authentication

FIPS 140-2 compliant and AES 256 encryption

Automatically audit every user and computer interaction

Enforce password lengths with custom requirements

majortoolmachine_gatekeeper_key_security_dfars

"...Gatekeeper solved one critical aspect of complying with DFARS and securing workstations for Major Tool & Machine, while providing a seamless tool for computer access for their employees and securing their data."

Tom Riddle, Network Systems Administrator
Major Tool & Machine, Inc.

GateKeeper Enterprise DFARS / NIST 800-171 Compliance Summary

As of 2018, all government contractors processing, storing, or transmitting controlled but unclassified information (CUI) must meet the Defense Federal Acquisition Regulation Supplement (DFARS) security requirements or jeopardize losing their contracts.

NIST now recommends not requiring password resets, instead use strong passwords that are well-protected.

Control FamilyControl Details800-171 Control Number800-53 Control NumberImplementation
Access ControlLimit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems).3.1.1 AC-3GateKeeper Enterprise provides proximity-based authentication and authorization to workstations. Using GateKeeper Enterprise, an organization can granularly assign access permissions to individuals/groups on a per workstation basis. GateKeeper automatically locks a user’s computer when they are no longer in proximity to their workstation immediately protecting unauthorized users from accessing a system.
Access ControlLimit information system access to the types of transactions and functions that authorized users are permitted to execute.3.1.2AC-3GateKeeper Enterprise provides proximity-based authentication and authorization to workstations. Using GateKeeper Enterprise, an organization can granularly assign access permissions to individuals/groups on a per workstation basis. GateKeeper automatically locks a user’s computer when they are no longer in proximity to their workstation immediately protecting unauthorized users from accessing a system.
Access ControlEmploy the principle of least privilege, including for specific security functions and privileged accounts.3.1.5 AC-6GateKeeper Enterprise provides proximity-based authentication and authorization to workstations. Using GateKeeper Enterprise, an organization can granularly assign access permissions to individuals/groups on a per workstation basis. This helps enforce the concept of least privilege on a system level.
Access ControlLimit unsuccessful logon attempts.3.1.8 AC-7GateKeeper has the ability to lock a user's account after an administrator-defined number of unsuccessful login attempts.
Access ControlUse session lock with pattern-hiding displays to prevent access/viewing of data after period of inactivity.3.1.10 AC-11GateKeeper automatically locks a user's workstation when they are no longer in proximity to their workstation - preventing access/viewing of data.
Audit and AccountabilityCreate, protect, and retain information system audit records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful, unauthorized, or inappropriate information system activity.3.3.1 AU-3GateKeeper Enterprise provides robust auditing capabilities that identifies when an individual user was in proximity to a workstation and successfully locked/unlocked it. These audit logs are retained indefinitely.
Audit and AccountabilityEnsure that the actions of individual information system users can be uniquely traced to those users so they can be held accountable for their actions.3.3.2 AU-3GateKeeper Enterprise provides robust auditing capabilities that identifies when an individual user was in proximity to a workstation and successfully locked/unlocked it.
Audit and AccountabilityCorrelate audit review, analysis, and reporting processes for investigation and response to indications of inappropriate, suspicious, or unusual activity.3.3.5 AU-3GateKeeper Enterprise provides robust auditing capabilities that identifies when an individual user was in proximity to a workstation and successfully locked/unlocked it. GateKeeper can connect to a syslog server and integrate with an enterprise security architecture. Authorized admins have the ability to export audit logs to further enable audit review, analysis, and reporting processes.
Audit and AccountabilityProvide audit reduction and report generation to support on-demand analysis and reporting.3.3.6 AU-7GateKeeper Enterprise provides robust auditing capabilities that identifies when an individual user was in proximity to a workstation and successfully locked/unlocked it. GateKeeper can connect to a syslog server and integrate with an enterprise security architecture. Authorized admins have the ability to export audit logs to further enable audit review, analysis, and reporting processes.
Audit and AccountabilityProtect audit information and audit tools from unauthorized access, modification, and deletion.3.3.8 AU-9GateKeeper Enterprise provides proximity-based authentication and authorization to workstations and thus can protect audit information and audit tools from unauthorized access.
Audit and AccountabilityLimit management of audit functionality to a subset of privileged users.3.3.9 AU-9GateKeeper Enterprise provides proximity-based authentication and authorization to workstations and thus can protect audit functionality to a subset of users.
Identification and AuthenticationIdentify information system users, processes acting on behalf of users, or devices.3.5.1 IA-4GateKeeper Enterprise provides proximity-based identification, authentication and authorization to workstations. Using GateKeeper an organization can identify a user at a workstation.
Identification and AuthenticationAuthenticate (or verify) the identities of those users, processes, or devices, as a prerequisite to allowing access to organizational information systems.3.5.2 IA-4GateKeeper Enterprise provides proximity-based identification, authentication and authorization to workstations. Using GateKeeper Enterprise an organization can assign granular access permissions to individuals/groups on a per workstation basis.
Identification and AuthenticationUse multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts.3.5.3 IA-5GateKeeper Enterprise has the capability to enforce multifactor authentication for all access to a workstation.
Identification and AuthenticationEmploy replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts.3.5.4 IA-2GateKeeper is a proximity-based identification and authentication solution. A user must be present to unlock their workstation making it inherently replay-resistant.
Identification and AuthenticationPrevent reuse of identifiers for a defined period.3.5.5 IA-4GateKeeper can integrate with an organization's Active Directory to enforce this control.
Identification and AuthenticationDisable identifiers after a defined period of inactivity.3.5.6 IA-4GateKeeper can integrate with an organization's Active Directory to enforce this control.
Identification and AuthenticationEnforce a minimum password complexity and change of characters when new passwords are created.3.5.7 IA-5GateKeeper can integrate with an organization's Active Directory to enforce this control.
Identification and AuthenticationProhibit password reuse for a specified number of generations.3.5.8 IA-5GateKeeper can integrate with an organization's Active Directory to enforce this control.
Identification and AuthenticationAllow temporary password use for system logons with an immediate change to a permanent password.3.5.9 IA-5GateKeeper can integrate with an organization's Active Directory to enforce this control.
Identification and AuthenticationStore and transmit only encrypted representation of passwords.3.5.10 IA-5GateKeeper uses AES-256 encryption to store and transmit passwords.
Identification and AuthenticationObscure feedback of authentication information.3.5.11 IA-6GateKeeper PIN login is obscured and all authentication information is obscured.
Physical ProtectionMaintain audit logs of physical access.3.10.4 PE-3GateKeeper is a proximity-based identification and authentication solution using a physical dongle. A user must be physically present to access a workstation. Audit logs of physical access using GateKeeper are stored indefinitely on the GateKeeper Enterprise server.
Physical ProtectionControl and manage physical access devices.3.10.5 PE-3GateKeeper is a proximity-based identification and authentication solution using a physical dongle. A user must be physically present to access a workstation. Audit logs of physical access using GateKeeper are stored indefinitely on the GateKeeper Enterprise server.
Branch Manufacturing - GateKeeper_logo_security_proximity

"We had problems with people posting there passwords near their computer because they would forget them. Also people having to remember many different passwords for applications and customer web portals.

I was looking for a replacement for my old Biometric access control software. We are a small company and I wanted to find a Proximity-based access."

Dan Long, MIS Director
Branch Manufacturing Co

Capterra Best Value for Authentication Jun-20
Capterra Ease of Use for Authentication Jun-20

See GateKeeper proximity access control in action.

Take a self-guided tour of how you can evolve from passwords. Then you're really saving time with automation.

Enterprise 2FA and password manager. One key for all your passwords. Experience fully automated login and security. Faster 2FA, auto-OTP, password manager, and worry-free workflow with proximity-based privileged access management for Windows 11, 10, 8, 7, macOS, desktop applications, and websites.

Download the free Android app.

Proximity-based passwordless 2FA

Active Directory integration with admin console

Automatic lock for all workstations

Continuous authentication password manager

Automatic OTP on websites for 2FA

Wireless login for PC, Mac, web, and software

or call 240-547-5446