Enabling Compliance with Password Policies
Mandylion Research Labs
 
  Main | Products | Purchase | Regulatory Compliance | Company Info | News

 
Welcome to our news section. This archive contains articles that mention our company, products or technology as well as noteworthy articles on the authentication industry
Latest News

Federal Computer Week Review
Leading Federal and State IT Publication reviews Mandylion’s next generation token and states its “ready for enterprise deployment”
more info

Wall Street Journal Review
WSJ article provides overview of how corporations are coping with password overload and favorably describes the Mandylion Token as the hardware token solution. more info

Military Information Technology Magazine
Respected Military Journal Reviews DoD program which matured Mandylion token technology. more info

Civilian Agencies Deploy
The Commerce Department’s National Weather Service, Treasury’s Bureau of Alcohol, Tobacco, Firearms & Explosives and the National Institutes of Health Deploy tokens. more info

DoD Funds Development
Mandylion Labs technology was matured and showcased as part of a 3 year Advance Concept Technology Development and Demonstration Project funded by DoD Advanced Systems and Concepts. more info

How Strong Are Your Passwords? Security experts cite weak passwords as one of the most critical security threats to your infrastructure. But just what is a strong password? Are their tools that can help me audit and quantify my risk? more info
Vienna, Va. (June 25, 2004):
Mandylion Research Labs, LLC today announced that, for a second year in a row, its password management technology was invited and participated in the Military’s Joint Warrior Interoperability Demonstration (JWID) during the month of June, 2004. The objective achieved in including the Mandylion technology in this military exercise was to “demonstrate that strong password policy can be effectively deployed in an operational environment” by empowering the warfighter with a simple tool which aids them in their ability to generate and manage cryptographically strong passcodes.

JWID is an annual Chairman of the Joint Chiefs of Staff event with the objective to find technology solutions that will enhance the capabilities of combatant commanders, military services and agencies that support the U.S. Defense Department in its effort to provide Homeland Defense and Security. The U.S. Northern Command (NORTHCOM), hosted JWID 2004, which was led by the Defense Information Systems Agency (DISA). Department of Homeland Security also participated as a portion of the exercises included multiple simulated bio-terrorist attacks on US soil.

This year’s JWID further advanced from its traditional role as a venue for viewing technologies into a proving ground for solutions that can be fielded within 12 months of completion of the event.

Mandylion’s participation in JWID ’04 dovetailed with its planned transition to a commercially available product by year end. “This year, participants must not only be invited by NORTHCOM but also by the Combined Federated Battle Laboratory partners, which include Australia, Canada, NATO, New Zealand, the United Kingdom and the United States stated Maj. Gen Dale Meyerrose, USAF, director of architectures and integration, NORTHCOM.

Lt. Gen. Harry D. Raduege Jr., USAF, Director of DISA stated in a briefing that a major challenge in JWID ‘04 was addressing the information-sharing requirements of the homeland security organizations of the various nations that participated in the event. “This is something that has not been done before but is desperately needed,” Gen. Raduege stated. “We have, in fact, made significant changes in JWID policies to facilitate not only Defense Department interoperability improvements but also in information sharing between national homeland security organizations” Gen. Raduege stated during the briefing. “The response to these changes and new focus was so positive that we had nations knocking down the door to participate in this new JWID environment,” he added. With ad hoc networks quickly assembled in response to a threat, password logins is the only universally accepted form of access control. To make such access secure, cryptographically strong passwords must be utilized by every participant of the system. The Mandylion technology was deployed in JWID ’04 because it is the only technology that excels at enabling users to comply with this requirement.

The consensus opinion on the two-week demonstration among visitors and participants has been overwhelmingly positive.

“I was quite impressed with this year’s JWID projects,” said John M. Gilligan, Air Force chief information officer, after touring JWID. “They clearly showed the potential to significantly improve our joint and coalition war fighting capabilities, as well as our support to homeland security objectives. The JWID projects leveraged both emerging technology and innovative processes to show us the path forward. All in all, this was a great job by the entire JWID government and contractor team.”

“Interacting with representatives from the Federal Emergency Management Agency office in Boston, the Defense Threat Reduction Agency, and other organizations helped the demonstration participants better understand each other’s information sharing capabilities and requirements,” stated Lt. Col. Donna Warner, Combatant Command Interoperability Program office and Horizontal Integration Initiatives Flight chief.
“The Posse Comitatus law prevents the military from getting involved in a civil event unless there is a specific request processed through the secretary of defense,” Colonel Warner said. “We all got a better sense of what information sharing capabilities each organization possesses and how we can collaboratively improve them to better protect the homeland.”
“A number of projects were declared a success and will be fielded in the next six to 18 months,” added Colonel Warner. In addition to the exposure, another benefit of participating in JWID is certifications. “Before they can be fielded, some products have to pass certain milestones to gain certifications, such as the National Security Agency certification,” Colonel Warner said. “These products will be able to point to their performance during JWID to help meet those milestones.”

About JWID ‘04
Since its inception in the 1980s, the Joint Warrior Interoperability Demonstration (JWID) has evolved to reflect the military’s emerging needs. The U.S. Northern Command (NORTHCOM), hosted JWID 2004, which was led by the Defense Information Systems Agency (DISA).

About the Technology
Mandylion Labs’ developed and patented this innovative and inexpensive password manager in a 6 year development effort. It is a key chain sized device that helps any user instantly create cryptographically strong passwords that immediately work with any web site, login or system. To insure purely random passcodes, algorithms embedded within the token’s firmware continuously sense and take input from the user's random and unique interaction with the device. This random data is utilized by the algorithms in generating passwords which can be throttled to meet any password policy as to length, composition and renewal period.

A key feature is that the device functions as a memory aide to the secure and convenient storage of a user’s passwords along with their automatic update. The technology was designed to do away with the inherent weaknesses traditionally associated with the use of passwords; namely the individual being asked to create, remember and regularly change their passwords. Passwords created with the device thwart all known brute force and dictionary type hacking attacks.

Originally developed for U.S. military and national security applications, more advanced versions of the device have the ability to embed user identifying watermarks within the passwords generated. The biometric version of the unit can asymmetrically bio-authenticate the individual logging in to an ordinary web site.

About Mandylion Labs
In 1998, Mandylion Labs originated a simple and intuitive concept toward password management. Today, we're a recognized as the leading innovator in access control utilizing durable password techniques. Government, Corporations and ISPs use our solutions to reduce the cost and complexity of managing their access control systems in the Window NT and Unix and Linux environments while increasing the enterprise's entire baseline of data security. Mandylion products provide organizations with a least cost compliance tool with the information assurance requirements of Sarbanes Oxley, Gramm-Leach Bliley, FISMA (Federal Information Security Management Act).

The Company is located in Vienna, Va. Our number is 703 – 628 4284.
Our e-mail address is info@mandylionlabs.com

Back to Press
 
© 1999 - 2006, Mandylion Research Labs, LLC. All rights reserved.