Schedule a Demo of GateKeeper Enterprise or call 240-547-5446

DFARS / NIST 800-171

Effortlessly meet complex compliance requirements.

AUTOMATED COMPLIANCE

Automated access control, accountability, auditing, and authentication.

Role-based access control for organizations that require an elevated focus on security while maintaining ease of usability. The National Institute of Standards and Technology (NIST) and the Defense Federal Acquisition Regulation Supplement (DFARS) now require baseline security controls including access control and password strengths.

Limit information system access to authorized users

Simple and instant multi-factor authentication

FIPS 140-2 compliant and AES 256 encryption

Automatically audit every user and computer interaction

Enforce password lengths with custom requirements

majortoolmachine_gatekeeper_key_security_dfars

"...Gatekeeper solved one critical aspect of complying with DFARS and securing workstations for Major Tool & Machine, while providing a seamless tool for computer access for their employees and securing their data."

Tom Riddle, Network Systems Administrator
Major Tool & Machine, Inc.

GateKeeper Enterprise DFARS / NIST 800-171 Compliance Summary

As of 2018, all government contractors processing, storing, or transmitting controlled but unclassified information (CUI) must meet the Defense Federal Acquisition Regulation Supplement (DFARS) security requirements or jeopardize losing their contracts.

Control FamilyControl Details800-171 Control Number800-53 Control NumberImplementation
Access ControlLimit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems).3.1.1 AC-3GateKeeper Enterprise provides proximity-based authentication and authorization to workstations. Using GateKeeper Enterprise, an organization can granularly assign access permissions to individuals/groups on a per workstation basis. GateKeeper automatically locks a user’s computer when they are no longer in proximity to their workstation immediately protecting unauthorized users from accessing a system.
Access ControlLimit information system access to the types of transactions and functions that authorized users are permitted to execute.3.1.2AC-3GateKeeper Enterprise provides proximity-based authentication and authorization to workstations. Using GateKeeper Enterprise, an organization can granularly assign access permissions to individuals/groups on a per workstation basis. GateKeeper automatically locks a user’s computer when they are no longer in proximity to their workstation immediately protecting unauthorized users from accessing a system.
Access ControlEmploy the principle of least privilege, including for specific security functions and privileged accounts.3.1.5 AC-6GateKeeper Enterprise provides proximity-based authentication and authorization to workstations. Using GateKeeper Enterprise, an organization can granularly assign access permissions to individuals/groups on a per workstation basis. This helps enforce the concept of least privilege on a system level.
Access ControlLimit unsuccessful logon attempts.3.1.8 AC-7GateKeeper has the ability to lock a user's account after an administrator-defined number of unsuccessful login attempts.
Access ControlUse session lock with pattern-hiding displays to prevent access/viewing of data after period of inactivity.3.1.10 AC-11GateKeeper automatically locks a user's workstation when they are no longer in proximity to their workstation - preventing access/viewing of data.
Audit and AccountabilityCreate, protect, and retain information system audit records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful, unauthorized, or inappropriate information system activity.3.3.1 AU-3GateKeeper Enterprise provides robust auditing capabilities that identifies when an individual user was in proximity to a workstation and successfully locked/unlocked it. These audit logs are retained indefinitely.
Audit and AccountabilityEnsure that the actions of individual information system users can be uniquely traced to those users so they can be held accountable for their actions.3.3.2 AU-3GateKeeper Enterprise provides robust auditing capabilities that identifies when an individual user was in proximity to a workstation and successfully locked/unlocked it.
Audit and AccountabilityCorrelate audit review, analysis, and reporting processes for investigation and response to indications of inappropriate, suspicious, or unusual activity.3.3.5 AU-3GateKeeper Enterprise provides robust auditing capabilities that identifies when an individual user was in proximity to a workstation and successfully locked/unlocked it. GateKeeper can connect to a syslog server and integrate with an enterprise security architecture. Authorized admins have the ability to export audit logs to further enable audit review, analysis, and reporting processes.
Audit and AccountabilityProvide audit reduction and report generation to support on-demand analysis and reporting.3.3.6 AU-7GateKeeper Enterprise provides robust auditing capabilities that identifies when an individual user was in proximity to a workstation and successfully locked/unlocked it. GateKeeper can connect to a syslog server and integrate with an enterprise security architecture. Authorized admins have the ability to export audit logs to further enable audit review, analysis, and reporting processes.
Audit and AccountabilityProtect audit information and audit tools from unauthorized access, modification, and deletion.3.3.8 AU-9GateKeeper Enterprise provides proximity-based authentication and authorization to workstations and thus can protect audit information and audit tools from unauthorized access.
Audit and AccountabilityLimit management of audit functionality to a subset of privileged users.3.3.9 AU-9GateKeeper Enterprise provides proximity-based authentication and authorization to workstations and thus can protect audit functionality to a subset of users.
Identification and AuthenticationIdentify information system users, processes acting on behalf of users, or devices.3.5.1 IA-4GateKeeper Enterprise provides proximity-based identification, authentication and authorization to workstations. Using GateKeeper an organization can identify a user at a workstation.
Identification and AuthenticationAuthenticate (or verify) the identities of those users, processes, or devices, as a prerequisite to allowing access to organizational information systems.3.5.2 IA-4GateKeeper Enterprise provides proximity-based identification, authentication and authorization to workstations. Using GateKeeper Enterprise an organization can granularly assign access permissions to individuals/groups on a per workstation basis.
Identification and AuthenticationUse multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts.3.5.3 IA-5GateKeeper Enterprise has the capability to enforce multifactor authentication for all access to a workstation.
Identification and AuthenticationEmploy replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts.3.5.4 IA-2GateKeeper is a proximity-based identification and authentication solution. A user must be present to unlock their workstation making it inherently replay-resistant.
Identification and AuthenticationPrevent reuse of identifiers for a defined period.3.5.5 IA-4GateKeeper can integrate with an organization's Active Directory to enforce this control.
Identification and AuthenticationDisable identifiers after a defined period of inactivity.3.5.6 IA-4GateKeeper can integrate with an organization's Active Directory to enforce this control.
Identification and AuthenticationEnforce a minimum password complexity and change of characters when new passwords are created.3.5.7 IA-5GateKeeper can integrate with an organization's Active Directory to enforce this control.
Identification and AuthenticationProhibit password reuse for a specified number of generations.3.5.8 IA-5GateKeeper can integrate with an organization's Active Directory to enforce this control.
Identification and AuthenticationAllow temporary password use for system logons with an immediate change to a permanent password.3.5.9 IA-5GateKeeper can integrate with an organization's Active Directory to enforce this control.
Identification and AuthenticationStore and transmit only encrypted representation of passwords.3.5.10 IA-5GateKeeper uses AES-256 encryption to store and transmit passwords.
Identification and AuthenticationObscure feedback of authentication information.3.5.11 IA-6GateKeeper PIN login is obscured and all authentication information is obscured.
Physical ProtectionMaintain audit logs of physical access.3.10.4 PE-3GateKeeper is a proximity-based identification and authentication solution using a physical dongle. A user must be physically present to access a workstation. Audit logs of physical access using GateKeeper are stored indefinitely on the GateKeeper Enterprise server.
Physical ProtectionControl and manage physical access devices.3.10.5 PE-3GateKeeper is a proximity-based identification and authentication solution using a physical dongle. A user must be physically present to access a workstation. Audit logs of physical access using GateKeeper are stored indefinitely on the GateKeeper Enterprise server.
Branch Manufacturing - GateKeeper_logo_security_proximity

"We had problems with people posting there passwords near their computer because they would forget them. Also people having to remember many different passwords for applications and customer web portals.

I was looking for a replacement for my old Biometric access control software. We are a small company and I wanted to find a Proximity-based access."

Dan Long, MIS Director
Branch Manufacturing Co

See GateKeeper Enterprise in action

Take a self-guided tour of how your proximity-based access control can work.

GateKeeper Enterprise 45-Day Trial

Shift tactics to something that works. All your passwords in one place and only accessible by you. Trial allows you to experience fully automated access and security before full deployment. Try instant multi-factor authentication and worry-free workflow with proximity-based privileged access management.

5 GateKeeper wireless proximity tokens

45 days of automated access control

Premium support & deployment assistance

Discounted first-year subscription

or call 240-547-5446

Pin It on Pinterest