IT Solutions

MFA for
Air-Gapped Networks

  • lock down high-security environments
    comply with Zero Trust segmentation
    eliminate MFA public cloud gateways

SurePassID enables you to deploy MFA wherever you need it - including air-gapped networks that contain critical data and systems.

  • atkins bw
  • banco bw
  • niagara bw
  • bangkok bank bw
  • vancouver bw
  • quanta bw
  • octa bw
  • sacramento bw
  • cherokee bw
  • ns2 bw
  • calfire bw
  • sunscape bw
  • orbital bw
  • webmd bw
  • ontario bw
  • nova bw
  • aetna bw
  • bank of america bw
  • atrium bw
  • trade finance bw
  • usaf bw
  • cae bw
  • shearwater bw
  • upstate bw
  • sandia bw
  • parkland bw
  • atos bw
  • ball bw
  • winchester bw
  • cec bw
  • medic ambulance bw
  • Argonst bw
  • arup bw
  • vermeer bw
  • FAB bw
  • kurt bw
  • first new mexico bw
  • first choice bw
  • enmax bw
  • jazz bw
  • cherokee nation
  • retail capital bw
  • giesecke bw
  • jabil bw
  • uscp bw
  • wns bw
  • vt halter bw
  • collins bw
  • zoom solar bw
  • taylor bw
  • ibm bw
  • chugach bw
  • maven bw
  • fbi bw
  • infosys bw
  • leidos bw
  • ecomm bw
  • conduent bw
  • watercryst bw
  • mckesson bw
  • wg bw-1
Powerful Features

SurePassID Universal Server secures the CUI that no other MFA solution can

Man using tablet pc beside servers in data center

Private Clouds

CUI often lives in on-prem data centers or hosted private clouds. SurePassID secures access to all of them, including GCC High instances.

Learn More
Male engineer at a construction site with a tablet computer

Shop Floors

When CUI goes to the manufacturing shop floor, SurePassID secures it on Operational Technology (OT) industrial control systems.

Learn More
Man connecting network cables to switches

Air-gapped Systems

CUI in air-gapped systems like secure enclaves, intellectual property repositories, and SCIFs/SAPFs? Not a problem for SurePassID.

Learn More

Air-gapped networks require air-gapped MFA

Escalating cyber threats have underscored the need for robust security measures for air-gapped networks. These high-risk networks, integral to critical infrastructure, military and government sectors, and manufacturing units, are prime targets for cybercriminals. Air gapping is a crucial line of defense, minimizing the attack surface. However, robust identity protection within these networks is equally vital. This is where SurePassID's Multi-Factor Authentication (MFA) solution comes into play.

SurePassID's Unified Identity Protection platform revolutionizes secure authentication within air-gapped environments. Leveraging FIDO2 hardware tokens, our MFA solution provides an unobtrusive approach to legacy systems. There's no need for code modifications or changes to your existing authentication infrastructure. By adding this extra layer of security, SurePassID offers real-time protection against lateral movement and automated malware propagation.

Our MFA solution is designed with the understanding that security is not a one-size-fits-all proposition. With our authentication platform, you're not just implementing an additional security measure; you're fortifying your network with a resilient shield, capable of evolving with the ever-changing threat landscape. With SurePassID, you benefit from enhanced security without compromising on operational efficiency.

Customer Case Study

MFA for Air-Gapped Systems, including SCIFs and SAPFs


SurePassID delivers the benefits that no other MFA vendor can

Zero Trust everywhere

SurePassID makes it easy to achieve Zero Trust. Deploy MFA for IT in the cloud, OT on-premise or in private clouds.

Outstanding ROI

User self-service. Administrative automation. Unrivaled technical support. Everything about SurePassID maximizes your ROI.

Regulatory compliance

No matter what your cybersecurity mandate, SurePassID has the MFA solution you need for compliance.

Five 9s availability

MFA is mission critical. SurePassID has the Five 9s (99.999%) availability, redundancy, and automatic failover you need.

Phishing resistance

FIDO2 and CAC/PIV are the forms of phishing-resistant MFA that exist today. SurePassID enables you to make the most of both.

Cyber liability insurance

Securing privileged accounts with MFA is a foundational requirement of CLI. Achieve it rapidly and cost-effectively with SurePassID.

360° view of user access

SurePassID delivers a 360 degree view of user access across your IT/OT apps and integrates it with your SIEM or SOAR solution.

AI-based access monitoring

SurePassID's AI-based monitoring automates the alerting and interventions for lateral movement and unauthorized access.


What our customers say

“We selected SurePassID due to their performance and professionalism during a multiple vendor competition for a multi-factor authentication solution. But their outstanding technical support is what we have valued most over the years. Very impressive.”


Frequently asked questions about SurePassID

What are SurePassID's deployment modes?

  • Software-as-a-Service (SaaS Public, SaaS Private)
  • Windows Installer Package (Microsoft Windows Server 2012-2022, any edition, and Microsoft Windows 8-11)
  • Virtual Machine (Microsoft Hyper-V)
  • Container Image (Docker/Kubernetes, Microsoft ACI, Amazon ECS)
  • Embedded (Windows 7 or later, Linux OpenEmbedded for 32/64-bit ARM/PPC/MIPS/x86)
  • Secure Element (NXP EdgeLock SE050/SE051, NXP A71CH/A71CL/A1006)

How long does it take to deploy SurePassID?

Cloud deployments can occur same day.

On-premise and air-gapped deployments will vary depending on the complexity of your requirements.

Regardless, our Customer Success team will be with you every step of the way.

Can SurePassID integrate with my IAM solution?

As a SAML 2.0 IdP, SurePassID easily and seamlessly adds MFA to any existing IAM solution, such as Okta or Ping Identity.

SurePassID also integrates with Third-Party directory services, such as Workday, Oracle, and SAP.

We even integrate with legacy SCADA systems that have built-in user directories.

What makes SurePassID better than other MFA solutions?

  1. Unmatched on-premise and air-gapped capabilities
  2. Outstanding technical support
  3. Unbeatable value

How secure is SurePassID?

SurePassID is the most hardened MFA solution on the market. We never stop innovating to protect our customers from evolving cyberthreats.

  • USA company
  • Secure SBOM (Software Bill of Materials)
  • Secure user and token provisioning (QR code to one-time-use provisioning page)
  • Comprehensive logging and audit trail
  • FIPS 140 mode
  • AES 256 encryption for data at rest
  • SHA 256 or SHA 512 encryption for data in iransit
  • And much more...

How much does SurePassID cost?

Visit for a complete guide to SurePassID Authentication Server pricing and features.


How can we help you?

Talk to one of our MFA experts about your unique requirements. Or request a demo and see how easy it is to secure your universe of apps with SurePassID Authentication Server.