Zero Client™ as a Service (ZCaaS™)
Zero Client as a Service (ZCaaS™) is a quick-booting, web-based secure enclave for Federal government contractors to work with Controlled Unclassified Information (CUI) without worrying about hardening and monitoring a local computer.
ZCaaS™ helps small- and micro-businesses achieve CMMC compliance more efficiently while minimizing cost.
What is ZCaaS™?
Zero Client as a Service (ZCaaS) ™ is a temporary “desktop in the cloud” you can use to edit your sensitive information and transfer it from one cloud service to another without “contaminating” your local PC or Mac.
We call it a “zero client” because your local workstation acts as a client to a cloud service and zero information is ever stored, processed, or transmitted on your local machine.
ZCaaS™ is ideal for a small or micro-sized business looking to conduct business with the US Government in the Federal Contract space.
Convenient
ZCaaS™ features a quick-booting, non-persistent Windows 10 environment hosted entirely in the cloud, meaning no files or data you browse to ever reach your local workstation, and when you’re finished, all traces of the session are deleted from the cloud.
Easy
ZCaaS™ allows you to interact with your files that contain sensitive information, such as Controlled Unclassified Information (CUI) or Protected Health Information (PHI), from an untrusted, un-managed, un-hardened, or employee-owned workstation.
Secure
ZCaaS™ is a virtual ephemeral Windows 10 OS in the Azure Government Cloud built on Microsoft’s Azure Virtual Desktop (AVD) service. The temporary nature of the desktop allows the user to operate on CUI in a secure enclave with confidence. Files are stored long-term and shared externally through SafeShare, powered by Keeper Security™ in AWS GovCloud.
ZCaaS™ Overview
From any unmanaged workstation with internet access, you can use ZCaaS to:
- Browse to trusted and managed cloud-based file shares, such as the ZCaaS™ SafeShare platform, DoD SAFE, or others.
- View and manipulate files and documents in the ZCaaS™ Azure Virtual Desktop (AVD); they can never be downloaded or copied to the workstation.
- Transfer and save files to ZCaaS™ SafeShare for later use.
- ZCaaS™ can also be used in sync with our Totem™ Cybersecurity Compliance Management Software to maintain your company’s SSP and POAM for NIST/CMMC compliance.
- Edit Office or PDF documents, or interact with ZIP or compressed files, in a Windows 10 virtual desktop.
ZCaaS™ will save you time and money!
- ZCaaS™ removes the need to securely configure — or “harden” — your local workstation to protect sensitive files that may reside on it, saving hours of IT security labor per workstation.
- Since the ZCaaS™ session is non-persistent — or ephemeral — you don’t need to worry about monitoring the ZCaaS™ environment.
- This means ZCaaS™ is a fraction of the cost of other web-based solutions for secure CUI manipulation.
ZCaaS™ Security
ZCaaS™ is powered by two of the leading secure cloud services: Microsoft Azure Government and AWS GovCloud technologies. Azure Government and AWS GovCloud are SOC 2 attested and hosted in a FedRAMP Moderate Authorized environment.
The ZCaaS™ concept is based on the now defunct DoD Trusted End Node Security (TENS) program.
TENS was designed to allow DoD remote-working employees to login to DoD-controlled networks from their unmanaged personal devices. However, TENS relied on booting a workstation from DVD or USB, which required some reconfiguration of the workstation and took several minutes to boot (at a minimum). Also, the TENS boot media by its nature contained a limited set of drivers, and so only worked on limited workstation makes and models. ZCaaS™ provides the same security features as TENS without the limitations.
ZCaaS™ "How-To" Walkthrough Steps
Click each item below for “how-to” instructions.