The US Dept. of Defense, Defense Innovation Unit (DIU), and Lastwall

"DIU and Lastwall have been working together since 2017, and the platform has grown and delivered consistent value alongside our increasing needs. Lastwall's focus on Zero Trust and secure by design components, along with exceeding compliance requirements brings significant benefit to us, and we're excited to leverage some of their forward facing capabilities like post-quantum resilience as the threat landscape evolves."- John Chen, Chief Information Officer, Defense Innovation Unit

Enabling Secure Cloud Use & Implementing Zero Trust Architecture

As the experimental and innovation branch of the U.S. Department of Defense, the Defense Innovation Unit (DIU - formerly known as DIUx) is on the cutting edge of testing, evaluating, and deploying new technologies before a recommendation is made regarding use cases and broader adoption by government and defense agencies. In the process of achieving its mission to strengthen U.S national security by accelerating the adoption of commercial technology, DIU was arguably one of the first agencies that recognized the workforce, efficiency, and collaboration benefits brought on by cloud computing. As a result, DIU was tasked with evaluating various solutions that could one day underpin the US government’s zero-trust oriented digital transformation.

The Secure Cloud Management project was launched with the goal of providing DIU with fast, secure, and controlled access to software-as-a-service (SaaS) applications directly over the internet. Three vendors were selected for pilot projects (Google Cloud, Zscaler and McAfee Public Sector) for multi-cloud management services, with Google Cloud eventually being selected for a larger long-term contract. “These solutions simplify engagement with non-traditional technology vendors by allowing DIU users to collaborate in real time. The solutions provide equivalent security and control to the DoD’s Cloud Access Point (CAP) while delivering real-time performance, which is critical for such things as videoconferencing and file sharing,” John Chen, CIO for DIU, said in a press release.

Lastwall had been following DIU’s exploration of zero trust-based cloud enabling technologies since 2017 and found a value proposition that could support this digital transformation. As stated by the DIU portfolio catalog, the Lastwall solution provides “a scalable, interoperable authentication solution to reduce reliance on passwords and smart card-based authentication across DoD system and applications.” Lastwall was also able to meet the following requirements: “Solution must support multiple server and host-based operating systems, be immediately available and proven in a commercial environment, and must demonstrate means for operation within latent or disconnected network environments. Solution must be demonstrated in an operational environment integrated with industry standard network domain management such as Microsoft's Active Directory Domain Services.”

Lastwall’s goal in working with DIU is to provide a “Zero Trust Architecture passwordless authentication and authorization (IDAAS/IDP) system that helps agencies increase their user security and reduce reliance on passwords. Lastwall makes user logins significantly more secure than traditional password based systems, easier for end users and less work for administrators. Lastwall works with existing user repositories such as Active Directory and requires minimal changes to current architecture. The platform can act as a host testing environment for new strong authentication methodologies (eg. video authentication with deep fake detection) and provides strong PKI [Public Key Infrastructure] based authentication capabilities and allows for extra visibility and control of login to both local resources and third party cloud tools. The platform also has a number of options for integrating current and future PKI capabilities (eg. CAC cards, FIDO2 and other TPM based PKI), and addresses near term high level security concerns including Post Quantum Cryptography resiliency to defend against store now, decrypt later attacks. Lastwall has proven to integrate well with existing DoD and cloud systems”.

__________

The Defense Innovation Unit (DIU) Commercial Solutions Catalog is a compilation of both successful and transitioned prototypes. In conjunction with Department of Defense (DoD) partners they have evaluated, adapted, and tested these commercial solutions to solve your organization's AI/ML, autonomy, cyber, human systems, and space challenges. To read Lastwall's full product catalogue listing by the DIU, follow this link.