Apr 27, 2020 | by Anjana Ramesh | posted in CAC/PIV Authenticator for Atlassian
Government organizations in the US need to adhere to a mandatory, government-wide standard for secure and fool proof two-factor authentication in order to protect facilities and IT systems. As a result, the US government has issued smart cards called CAC (Common Access Cards used by the Department of Defence) and PIV cards (Personal Identity Verification cards used in other branches of the US government) to all government employees as a standard authentication system. This enables them to gain access to buildings and controlled spaces as well as computer networks, systems, and online resources. An employee’s CAC/PIV card and a personal identification number are the two credentials that a two-factor authentication system requires.
Enable CAC/PIV authentication for the Atlassian suite using Goldfinger’s CAC/PIV Authenticator Our CAC/PIV authenticator solution equips all Atlassian products like Jira Software, Jira Service Desk, Jira Core, Bitbucket, Bamboo, and Crowd with CAC/PIV authentication capabilities. The authenticator uses client certificates for authentication, thereby protecting critical systems from unauthorized access. It offers Atlassian users quick and easy access to all the applications without any complexities. How does the solution work? The solution can be easily integrated into an organization’s current environment and infrastructure. By default, when users are attempting to log in to any of the Atlassian applications, the application prompts the users with their Atlassian user ID and password. If the user is a valid CAC/PIV card holder, he automatically logs into the Atlassian application on successful user authentication. The authentication process A validated client certificate is stored on the user’s PIN-protected smart card. The solution accesses the certificate through the user’s internet browser to authenticate the user. In some cases, the browser prompts the user to select the certificate. Otherwise, the solution automatically validates the default certificate installed into the browser.
Subsequently, the solution compares the user credentials fetched from the client certificate with Atlassian’s user directory to check if the user is authorized to access the application. Once authenticated, the user logs in and gains access to all the permitted features associated with the Atlassian application. Key features of the CAC/PIV Authenticator solution Quick and easy sign-on: The CAC/PIV Authenticator grants quick and convenient sign-on options that enable hassle-free access to the Atlassian suite. Easy and quick installation with no hidden costs: You can quickly install the plugin and integrate it with your IT system by following the instructions in the installation guide. Subsequently, you get instant access to the app, which is not based on any other solution or service. Therefore, the solution does not incur additional costs. Advanced compatibility: The solution provides access to all compatible Atlassian products including the Atlassian Data Center. It also allows you to easily customize accessibility to the applications by setting role-based permissions. Benefits of the CAC/PIV Authenticator solution Secure identification with reliability: The solution meets the demand for a secure, robust form of identification while maintaining mission-critical reliability. Common authentication for all systems: Users can access the Atlassian applications with the same CAC/PIV card used to access all the physical facilities and computer resources. Establishes accountability: It helps to foster security and accountability practices tied to the identity of individual Atlassian users. So, is this CAC/PIV Authenticator solution confined only to the government organizations? No. Other organizations that use smart cards with client certification can deploy this solution to reap the same benefits.
Are you still using traditional authentication methods to access your Atlassian applications? If your organization is a smart card user, switch to ourCAC/PIV Authenticator for your Atlassian suite and enable secure and federal-compliant access control for your mission-critical Atlassian applications.
Do you have more questions? Please feel free to talk to our experts today!
About Anjana Ramesh
Anjana is responsible for delivering insightful, valuable, and relevant content assets that address the needs, pain points and questions of the audience. She strongly believes that any piece of content has to help the readers find a solution to their problems rather than merely selling a product or a service.