A group led by integrator Optiv Canada that includes Venafi and Ottawa-based Crypto4A Technologies has won a competitive contract to automate much of the federal government’s network device authentication process.
The contract with Shared Services Canada, which delivers data centre and email services to most federal departments, was signed in March but it has taken until now for the government to approve Optiv’s announcement.
In the middle of being implemented, the on-premises solution is part of Ottawa’s move to a zero trust environment by managing the digital certificates for 1.5 million devices — everything with an IP address on the federal network, including PCs, servers, printers, routers and switches.
Optiv Canada is the integrator. Utah-based Venafi provides automated certificate lifecycle management that protects machine identities against TLS certificate outages or compromises, replacing a manual system. Crypto4A Technologies sells a range of quantum-safe solutions that can be used for public key infrastructure, unified key management, and code signing in a zero-trust architecture. In January, the Federal Economic Development Agency for Southern Ontario (FedDev Ontario) announced that Crypto4A was getting a repayable contribution of more than $2 million to accelerate the commercialization of its QxEDGE quantum-safe cybersecurity platform.
A manual lifecycle management system could take up to 45 minutes to oversee a certificate, Mike Watson, Optiv Canada’s senior demand and delivery manager for cryptography, said in an interview. “They can now automate it down to one-to-two minutes.”
“The implementation of this service will contribute significantly to the overall efficiency of Government of Canada operations and its IT security by ensuring all authorized devices connect safely to a consolidated Shared Services Canada network,” the government said in a statement.
“This service will provide a centrally-managed public key infrastructure to create interoperability between departments and ensure greater security and compliance for authorized devices connecting to the Government of Canada networks, sites or services. The service will also enhance reliability by providing self-service and automated support services to users.”
There were no details on the value or length of the federal contract.
“The goal is to secure the devices and prevent network outages” from expired certificates, Ann Garber, Optiv Canada’s regional director for the public sector, said in an interview. “This will help government networks to remain stable and healthy.”
“We’re delighted we won,” added Cheryl McGrath, Optiv Canada’s country general manager and area vice-president. “But we’re also delighted that the government is on this path to lay this secure foundation for zero trust.”
The contract was awarded following a lengthy process that started in 2020 and involved a request for proposals and the submission of proofs of solutions. It was awarded under the government’s new cybersecurity procurement vehicle (CSPV) program. As part of that program, the provinces and territories can use approved solutions to make similar deals. According to Optiv Canada, one unnamed province is already doing that with this deal.