EC2M is evaluating multifactor authentication technology, including the Yubikey token. (U.S. Army photo by Eric Zedalis, Enterprise Services)
Mission Area
February 11, 2020
The U.S. Army is conducting two multifactor authentication (MFA) pilots to strengthen the authentication process and allow Soldiers the convenience to conduct official Army business and online training without government furnished equipment and on their own timeline.
Program Executive Office Enterprise Information Systems (PEO EIS) is evaluating MFA technology to satisfy requirements from the Army chief information officer. PEO EIS has assigned the MFA pilots to Enterprise Content Collaboration & Messaging, a product office within Enterprise Services.
The pilots will evaluate technology and devices that can strengthen Army systems by providing a two-factor authentication solution when the common access card (CAC) is not available. Both MFA pilots are scheduled to be completed in March 2020.
One pilot is evaluating a personal mobile app as a second factor authenticator and another pilot is evaluating the use of a token called a Yubikey. The MFA pilots will leverage the Army Master Identity Directory (AMID) and the Enterprise Access Management System – Army (EAMS-A).
When Soldiers log in to an Army system using EAMS-A with a single factor, they will be prompted to present a second factor (something they have), therefore strengthening the authentication process. The pilot for the Yubikey hardware authenticator token will provide Soldiers a second factor of authentication to log on to Army websites.
“Multifactor authentication for the Army is a game changer for our Soldiers,” said Lee James, III, project director for Enterprise Services. “It allows Soldiers the convenience and capability of conducting business in a secure way from their own devices and on their own time.”
The Yubikey will strengthen the authentication process and improve the Soldiers’ ability to access training, especially when working from home during off-duty hours and when they do not typically have access to government computers and CAC readers. Army Reservists and National Guard members, who often face this predicament, will greatly benefit from this solution.
The mobility pilot is exploring the use of a mobile application that the Soldiers would download on their personal mobile devices and then use the app to register their mobile device as an authenticator that EAMS-A will recognize and validate.
These mobile applications are focused on the use of Soldiers’ personal smartphones (Android and iOS) and will allow them to access Army websites in a secure way by leveraging their own personal smartphone as a second factor.
“The Army has come a long way," James said, "and we are now entering the modern era where the Yubikey and a mobile app could become the new normal for our workforce.”