Federal Government

Our Nation’s security and economic prosperity depend on the stability and integrity of our Federal communications and information infrastructure. In order to address the continuously changing environment of threats posed on our nation’s cybersecurity defenses, the Federal Government must continue its vigorous advancement of technical and policy protection capabilities for national systems, to expand partnerships with the private sector, and to work with Congress to clarify roles and responsibilities.

This National Cyber Strategy outlines how we will (1) defend the homeland by protecting networks, systems, functions, and data; (2) promote American prosperity by nurturing a secure, thriving digital economy and fostering strong domestic innovation; (3) preserve peace and security by strengthening the United States’ ability — in concert with allies and partners — to deter and if necessary punish those who use cyber tools for malicious purposes; and (4) expand American influence abroad to extend the key tenets of an open, interoperable, reliable, and secure Internet.

The Strategy’s success will be realized when cybersecurity vulnerabilities are effectively managed through identification and protection of networks, systems, functions, and data as well as detection of, resilience against, response to, and recovery from incidents; destructive, disruptive, or otherwise destabilizing malicious cyber activities directed against United States interests are reduced or prevented; activity that is contrary to responsible behavior in cyberspace is deterred through the imposition of costs through cyber and non-cyber means; and the United States is positioned to use cyber capabilities to achieve national security objectives.

Protecting the American people, the American way of life, and American interests is at the forefront of the National Security Strategy. Protecting American information networks, whether government or private, is vital to fulfilling this objective. It will require a series of coordinated actions focused on protecting government networks, protecting critical infrastructure, and combating cybercrime. The United States Government, private industry, and the public must each take immediate and decisive actions to strengthen cybersecurity, with each working on securing the networks under their control and supporting each other as appropriate.


The United States cannot afford to have sensitive government information or systems inadequately secured by contractors. Federal contractors provide important services to the United States Government and must properly secure the systems through which they provide those services. Going forward, the Federal Government will be able to assess the security of its data by reviewing contractor risk management practices and adequately testing, hunting, sensoring, and responding to incidents on contractor systems. Contracts with Federal departments and agencies will be drafted to authorize such activities for the purpose of improving cybersecurity. Among the acute concerns in this area are those contractors within the defense industrial base responsible for researching and developing key systems fielded by the DOD.

Continuous monitoring is a risk management approach to cybersecurity that maintains an accurate picture of an agency’s security risk posture, provides visibility into assets, and leverages use of automated data feeds to quantify risk, ensure effectiveness of security controls, and implement prioritized remedies. A well-designed and well-managed continuous monitoring program can effectively transform an otherwise static security control assessment and risk determination process into a dynamic process that provides essential, near real-time security status.

In today’s environment of widespread cyber-intrusions, advanced persistent threats, and insider threats, it is essential for agencies to have real-time accurate knowledge of their enterprise IT security posture so that responses to external and internal threats can be made swiftly.

Mitigate the risk and impact of threats to Federal agencies’ data, systems, and networks by implementing cutting-edge cybersecurity capabilities:

  • Manage Asset Security - Implement capabilities that provide observational, analytical, and diagnostic data of an agency’s cybersecurity.
  • Limit Personnel Access - Implement credential and access management capabilities that ensure users only have access to the resources necessary for their job function.
  • Protect Networks and Data - Implement advanced network and data protection capabilities to protect agency networks and sensitive government and citizen data.

Up until now, organizations have lacked the ability to fully protect their endpoints from a zero-day keylogger. Most keyloggers have the ability to change their form and go undetected as they quickly spread between the endpoints in your enterprise.

How do you fight back? With EndpointLock: Patented keystroke encryption for desktops and mobile devices.

What Are Keyloggers?

  • Keyloggers can record every keystroke made on a mobile device or desktop
  • Keyloggers are the single biggest threat leveraged in the first stages of almost all advanced threats
  • Today’s anti-virus solutions are unable to identify and stop keylogging
  • 98% of enterprise breaches include a phishing attack to install a keylogger
  • Keyloggers can change form and go undetected for months or years

How Do Keyloggers Hurt Businesses?

Keyloggers can steal your:

  • Privacy
  • Usernames and passwords
  • Personal identity
  • Credit card numbers
  • Proprietary corporate data
  • Email accounts
  • Corporate transactions
  • Banking data

EndpointLock and KTLS

Keystroke Transport Layer Security (“KTLS”) is a patented cryptographic protocol that provides for the encryption and transport of keystrokes, at the kernel level. It activates at the time of secure boot, or entry into any application or web browser. This proprietary technology is unique to CromTec Cyber Solutions.

KTLS can be utilized in both desktop and mobile environments as a critical component of endpoint security. The protocol provides strong cryptography at the time of keystroke entry, to protect the initial transmission of usernames and subsequent keystrokes entered into any program or application.

EndpointLock is the commercial product name by which KTLS is implemented within an enterprise.

EndpointLock™ Key Features:

Continuous Protection

  • The only solution that protects against zero-day keyloggers.

  • Operates as an anti-subversive, detects untrusted drivers and displays a warning containing the name of any suspicious driver.

  • Automatically installs to your TPM (Trusted Platform Module) if available.

Visual Alerts

  • Anti-Screen Scraping blocks screen capture.

  • Anti-Clickjacking Warning visually alerts you with a red dotted outline of untrusted areas.

  • CryptoColor: Visual confirmation highlighting verifies that text fields are safe to type into.


  • Can be installed in an enterprise and deployed via group policy.

  • Compatible with McAfee ePolicy Orchestrator

  • Can encrypt double-byte characters

  • Can encrypt all international keyboards

  • Works with PS2, USB, Wireless & Bluetooth keyboards


  • Built here in the USA, and more than 8 Million consumers and corporations have already downloaded our technology.

EndpointLock™ for iOS and Android Devices

  • Supports: Apple iPhones & iPads, Android Phones & Tablets.


  • Encrypts all user keystrokes
  • Creates a secure keyboard with your branding
  • Supports all iOS and Android mobile devices
  • Supports all 5G iOS and Android IOT devices
  • Routes encrypted data around the vulnerability
  • Protects against infected apps and phishing emails/messages

An estimated 16 million mobile devices are infected with mobile malware, with threats constantly on the rise. Traditional keystroke data flows from your mobile keyboard through your operating system before it appears in your apps. Hidden along the way are areas of vulnerability where cyber criminals can plant keylogging spyware. With Bring Your Own Device (BYOD) use and mobile cyber attacks both increasing, enterprises must address security with tools to thwart the massive vulnerabilities that exist when using infected apps and phishing emails and messages, which download keylogging spyware.

EndpointLock™ for Mobile protects your keystroke data by installing a secure encrypted keyboard that creates an alternate pathway to your apps, routing your encrypted data around the areas of vulnerability. For added security, the EndpointLock™ pathway is protected by a complex 256-bit encryption code.

EndpointLock™ Mobile SDK (Software Developer’s Kit)

Secure your Desktop and/or Mobile Apps

Get keystroke encryption embedded right into your desktop and mobile app. Users will feel confident as they provision and use the app and add their credentials including typing in their credit card numbers.

EndpointLock for Desktop Other Security Features

TPM (Trusted Platform Module) Support:

EndpointLock will automatically detect if a PC has an Intel TPM (Trusted Platform Module) chip, which is designed to secure hardware and software integrity by integrating cryptographic keys into devices, and will install directly to the TPM on the PC.

Kernel Compromise Warning Feature:

Warns the user of a kernel breach by detecting the presence of any unsigned software or a driver that has been altered since it was released. The EndpointLock indicator will turn yellow to indicate a warning and log details of the breach, including the identity of the breached computer and its file location within that system.

Self-Monitoring Capability

Anti-subversion technology prevents EndpointLock from being bypassed by other software by reinstalling itself in the first position in the kernel level.

Anti-Screen Scraping Feature

Hides the screen from screen loggers and sends them a black screen.

Anti-Clickjacking Feature:

Makes the invisible visible. Hackers can embed invisible objects into iFrames. EndpointLock can detect this type of attack, unhide the invisible object, and paint a border around it, alerting the user not to click on this object.

How EndpointLock™ and KTLS Work

EndpointLock proactively stops keyloggers by encrypting each keystroke at the point of data entry, and rerouting the encrypted keystrokes directly to the browser or desktop application.

With EndpointLock, instead of capturing your actual data, keyloggers see only a random string of meaningless numbers.

EndpointLock is designed as a secure keyboard, available whenever a browser or desktop application is launched. This keyboard can be branded with your logo and hyperlink.

KTLS uses AES encryption with a key size of 256 bits to encrypt keystrokes. The same key is used to encrypt and decrypt.

The KTLS protocol secures connections between the keystroke and applications:

  • Symmetric cryptography encrypts the transmitted data to ensure privacy
  • The keys for this symmetric encryption are generated uniquely for each connection
  • The encryption is based on a shared secret generated from the Trusted Platform Module, or else by a built-in Random Number Generator
  • Keyloggers can’t obtain the negotiated secret, even if they place themselves in the middle of the connection
  • No attacker can modify the keystroke transmission during the negotiation without detection, which generates kernel-layer alerts
  • The encrypted session key is stored in secure memory, shared by all KTLS system components
  • KTLS proactively reroutes the encrypted keystrokes directly to the browser or desktop application
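The properties listed above (a 256-bit symmetric key generated per connection, and detection of modified keystroke data) can be illustrated with standard primitives. The Go code below is an added example, not CromTec's code and not the KTLS protocol, whose internals this page does not give. It assumes AES-256-GCM with a record counter as the nonce and the operating system's random number generator in place of a TPM; `Session`, `NewPair`, `Seal` and `Open` are hypothetical names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

type Session struct{ aead cipher.AEAD; seq uint64 } // one end of a connection (hypothetical type)

// NewPair generates a fresh random 256-bit key and returns both ends of one connection.
func NewPair() (kbd, app *Session, err error) {
	key := make([]byte, 32)
	if _, err = rand.Read(key); err != nil {
		return nil, nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, nil, err
	}
	return &Session{aead: aead}, &Session{aead: aead}, nil
}

func nonce(seq uint64) []byte { // 96-bit GCM nonce: 4 zero bytes, then the record number
	return binary.BigEndian.AppendUint64(make([]byte, 4, 12), seq)
}

// Seal encrypts one keystroke under the next record number, so no nonce repeats under a key.
func (s *Session) Seal(keystroke string) []byte {
	s.seq++
	return s.aead.Seal(nil, nonce(s.seq), []byte(keystroke), nil)
}

// Open decrypts the next expected record; on any error the connection should be dropped.
func (s *Session) Open(record []byte) (string, error) {
	s.seq++
	pt, err := s.aead.Open(nil, nonce(s.seq), record, nil)
	return string(pt), err
}

func main() {
	kbd, app, _ := NewPair()
	fmt.Println(app.Open(kbd.Seal("p"))) // constructed sample keystroke
}
```

Because the record number is bound into the nonce, a record that is altered, replayed, reordered, or taken from a different connection fails authentication in `Open` instead of decrypting to a wrong keystroke.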

Trending for Business: BYOD

Bring Your Own Device

  • 80% of businesses support a BYOD policy
  • 60% of workers use a smartphone for business purposes
  • BYOD market: $30 billion in 2014 → $367 billion by 2022
  • Companies encouraging BYOD save $350 per year, per employee

67% of business data breaches are due to employee mobile device use

*Source: Forbes, January 2019

EndpointLock Features:

  • A toolbar turns on automatically when browser or application is launched
  • Advanced, 256-bit encryption
  • Early-warning kernel and ID theft monitoring
  • User-friendly, comprehensive reporting dashboard
  • Screen-capture protection
  • Clickjacking protection
  • Protection against Dark Web email attacks*
  • ID theft protection insurance*
  • Crypto-color visual verification technology

*Add-on, enhanced services, for licensed EndpointLock solutions

EndpointLock Benefits:

  • Enterprise-grade
  • Certified by Windows, Mac, Linux, Android and iOS operating systems
  • Supports keyboard-enabled iOS and Android 5G IOT devices
  • Deployed directly into Layer 0, within the kernel itself
  • Encryption and decryption occur directly within the application, without any modification to the app required
  • Compatible with Intel’s TPM (Trusted Platform Module)
  • Easily scalable: deployed through MS GPO, PowerShell, SCCM and 3rd-party apps
  • Works with PS2, USB, wireless, Bluetooth and international keyboards
  • Small memory footprint
  • Requires no spyware database updates

EndpointLock is CromTec Cyber’s unique flagship product, and is a crucial component of a comprehensive Managed Endpoint Security strategy, which we can craft for your business.




  • Identity
  • Passwords
  • Online purchases
  • Credit cards
  • Banking data
  • Health data
  • Email and texts


  • Logins and passwords
  • Employee keystrokes
  • Enterprise risk
  • Corporate IP
  • Transactions
  • Financial data
  • HR data

CEMS – CromTec Endpoint Managed Security

The CEMS Product Suite:

Establish a layered security strategy, with a customized program:

  • Assess your risk and threat vulnerabilities
  • Manage your endpoints
  • Detect and respond to threats
  • Provide back-up and disaster recovery solutions
  • Implement effective policies
  • Monitor your cyber health status