To have industry-leading government
The US government’s memorandum M-22-09 on zero-trust security mandates agencies to “discontinue support for authentication methods that fail to resist phishing.” This memorandum also edicts the “continual verification of each user, device, application and transaction.” But, can any solution meet these demands — ideally without burdening the user?
While this level of security seems impossible, WinMagic successfully delivers it — and more.
SecureDoc Endpoint Encryption
Encryption of data-at-rest is a critical part of government-ready information security architecture. Already used by many government agencies, SecureDoc provides a seamless data security solution with state-of-the-art encryption that reliably and transparently protects intellectual property and PII throughout the organization. SecureDoc is FIPS 140 validated to meet the requirements of government organizations and agencies.
MagicEndpoint Passwordless Authentication
WinMagic has further innovated the industry’s best ideas regarding FIDO public-key-cryptography-based authentication, federated IdP and IAM authentication plus zero-trust security. By continually verifying the user + endpoint device, MagicEndpoint generates the most secure authentication and the best possible user experience — with no user action required. The software also supports PIV/CAC for preboot login and Windows sign-on.
WinMagic products are available under GSA Schedule:
GSA schedule # GS-35F-0795N.
Carolina Advanced Digital, Inc.
PO Box 318, Siler City, NC 27344
Contact person: Susan Jabbusch
Email: susan@cadinc.com
Tel: (919) 663-2211, ext. 102 or (800) 435-2212
Fax: (919) 742-2279
https://www.cadinc.com/
PIV/CAC Smartcards
WinMagic solutions accommodate a variety of security policies by supporting single and multi-factor preboot authentication methods. These methods include passwords, smartcards, USB tokens, biometric devices and Trusted Platform Module (TPM) verification.
WinMagic solutions comply with FIPS 201 and HSPD-12 standards by supporting compliant Personal Identity Verification (PIV) cards, commonly used by US Federal employees and contractors, and Common Access Cards (CAC), held by active-duty military personnel, reserve personnel, civilian employees, non-DOD employees, state employees of the National Guard and eligible contractor personnel.
CMMC
WinMagic’s SecureDoc Full Disk Encryption and MagicEndpoint Authentication are FIPS 140 validated and can support Defense Industrial Base (DIB) contractors in achieving Cybersecurity Maturity Model Certification (CMMC) compliance. WinMagic solutions provide increased assurance that contractors and subcontractors are meeting the most stringent cybersecurity requirements that apply to acquisition programs and systems that process controlled, unclassified information.
WinMagic CMMC Level 2 |
SecureDoc |
MagicEndpoint |
||
Access Control | ||||
|
![]() |
![]() |
||
|
![]() |
|||
|
![]() |
![]() |
||
|
![]() |
|||
Audit and Accountability | ||||
|
![]() |
![]() |
||
|
![]() |
![]() |
||
|
![]() |
![]() |
||
|
![]() |
![]() |
||
|
![]() |
![]() |
||
|
![]() |
![]() |
||
Identification and Authentication | ||||
|
![]() |
![]() |
||
|
![]() |
![]() |
||
|
![]() |
![]() |
||
|
![]() |
|||
|
![]() |
![]() |
||
|
![]() |
![]() |
||
|
![]() |
![]() |
||
|
![]() |
![]() |
||
|
![]() |
![]() |
||
Maintenance | ||||
|
![]() |
|||
Media Protection | ||||
|
![]() |
|||
|
![]() |
|||
|
![]() |
|||
System and Communications Protection | ||||
|
![]() |
![]() |
||
|
![]() |
![]() |
||
|
![]() |
SecureDoc Features
WinMagic’s SecureDoc endpoint encryption solution is ready to support governmental directives today.
- Uses a scalable, enterprise-class DBMS that supports distributed computing, backup functionality, replication, clustering, etc.
- Users can make backups of encrypted disks with imaging software as if the disk is not encrypted
- Pre-boot support for smartcards, USB crypto tokens and PKI
- Support for biometrics devices at pre-boot
- Support at boot time for the Trusted Platform Module (TPM)
- The central server communicates with client PCs via LAN, over the Internet, intermittent network or even with no network access at all
- Users can recover data even if the disk is infected by viruses
- Compatible with boot manager (Boot Magic, Boot-US, Windows Boot Manager) and supports multiple operating systems (multi-boot)
- Allows the initial encryption (conversion) to be interrupted — e.g., by a power outage — without data loss
- Compatible with VMware “out of the box”
- Support for encryption of MO drives
- Support for removable media (USB memory sticks, SD cards, ZIP, JAZ, etc.). Administrators can configure SecureDoc to
- Disable all removable media access
- Allow read-only access if the removable media is not encrypted
- Allow access only if the removable media is encrypted (with pre-defined keys etc.)
- Compatible with partitioning software, such as Partition Magic, where encrypted disk partitions can be resized, added or deleted as if the disk were not encrypted
- Support disks larger than 2000 Giga bytes and an unlimited number of partitions
- Different partitions can be encrypted with different keys, e.g., for sharing
- Support for hibernation mode
- Support RAID controllers
- Can encrypt the entire disk, not only partitions
- Divides the disk into compartments, encrypted by different cryptographic keys so that a virus in one compartment would not affect the other compartments
- Fast, robust and reliable initial encryption (conversion) where users can even run defragmentation during the initial conversion
- Support for SHA-2
MagicEndpoint Features
- Pre-boot authentication for Windows with MFA via
- Bluetooth low energy (BLE)
- Network-based
- TPM PIN
- PIV/Tokens
- Windows login authentication via using Bluetooth low energy (BLE) MFA or network-based MFA
- Supports for the following protocols:
- SAMIL
- OIDC
- LDAP
- RADIUS
- ADFS
- WS Trust
- Compatible with Okta, Ping Identity and Azure AD
- Multi-tenant SaaS support
Certifications and Standards
WinMagic has proudly achieved the following certifications and standards:
- CMMC
The Cybersecurity Maturity Model Certification (CMMC) program provides a standardized approach to cybersecurity across the U.S. Department of Defense (DoD) that measures and assesses the cybersecurity capabilities and maturity of contractors and subcontractors working with the DoD. Learn more
- FIPS 201
Federal Information Processing Standards establishes the minimum requirements for PIV cards, including physical and logical security features, data elements and interoperability specifications. FIPS 201 requirements help ensure the security and integrity of federal information systems and protect data on lost or stolen laptops.
- HSPD-12
Homeland Security Presidential Directive 12 (HSPD-12) establishes the policy for a common identification standard for federal employees and contractors, requiring the use of Personal Identity Verification (PIV) cards that meet specific security conditions.
- FIPS 140
Specifies the security requirements that cryptographic modules must meet to ensure they provide adequate security for sensitive information, covering a wide range of security areas including cryptographic key management, cryptographic algorithms, physical security, operational security and design assurance.
- Rehabilitation Act
Section 508 of the Rehabilitation Act requires federal agencies to make their electronic and information technology (EIT) accessible to people with disabilities. This act considers aspects such as keyboard accessibility, text alternatives, color contrast and more.
2005
US Government SecureDoc Pilot
WinMagic partnered with the U.S. Department of State to integrate a Personal Identity Verification (PIV) card and biometric devices with Public Key Infrastructure (PKI) and disk encryption to help the department meet HSPD-12 mandates.
2004
SecureDoc FORTEZZA
This FORTEZZA-based version of SecureDoc was the only disk encryption software certified by the NSA to safeguard US government secret information.
2002
NIST AES
WinMagic attained the first ever NIST certification for the AES symmetric encryption algorithm, which is widely considered one of the most secure encryption algorithms for protecting sensitive information.
2000
Common Criteria EAL
WinMagic SecureDoc 2.0 Disk Encryption software was awarded Common Criteria Certification by the federal government's Communications Security Establishment (CSE).
1999
SecureDoc Disk Encryption approved for SECRET
SecureDoc was approved for the protection of SECRET data by the National Security Agency (NSA).