# Secure Identity for TAK/ATAK at the Tactical Edge
Team Awareness Kit (TAK) and its Android variant, the Android Tactical Assault Kit (ATAK), are situational awareness platforms used across the military—dismounted infantry, vehicle commanders, air crews, SOF operators. If you need a common operating picture in the field, TAK is probably running somewhere in your stack. But there’s a problem that’s easy to overlook until it matters: identity.
## The TAK Identity Problem
TAK and ATAK support legacy LDAP protocols for authentication. That was fine when everyone ran on-premises Active Directory. It’s a problem now that enterprise identity has moved to the cloud.
**The gap:**
* TAK/ATAK can’t natively integrate with modern cloud IDPs like Microsoft Entra ID
* Users appear as generic callsigns rather than verified identities
* There’s no enterprise-grade audit trail for who did what
* CAC/PKI and modern credential integration (FIDO2) are limited without protocol translation
| BEFORE | AFTER |
|---|---|
| No credential attribution | Enterprise-authenticated (CAC/PKI, FIDO2) |
| No enterprise identity | Enterprise identity verified |
| No compliance | NIST 800-53/171 RMF compliant |
| No audit trail | Full audit trail |
**Before identity orchestration:**
A signed-in ATAK user could appear as “Truck”—a callsign with no verifiable, traceable identity tied to enterprise IAM. The system knows someone authenticated, but not who, not with what credential, and not in a way that satisfies enterprise compliance requirements.
**After identity orchestration:**
Real, verifiable, traceable identities. Every action is attributable to a specific person, authenticated with phishing-resistant credentials (CAC/PKI or FIDO2), with a full audit trail that reconciles with enterprise identity records.
## How Strata Solves It
Strata’s identity orchestration bridges the gap between TAK/ATAK’s legacy LDAP requirements and modern enterprise identity. The architecture uses PACE planning principles:
**Primary: Microsoft Entra ID at home station**
Entra ID serves as the authoritative identity source. All user identities, group memberships, and access policies are managed in the enterprise IDP.
**Contingency/Emergency: Keycloak at the edge**
When connectivity to Entra ID degrades or is denied, local Keycloak instances take over authentication. Users continue operating with the same identity, same policies, same audit requirements.
**Orchestration: Strata translates and reconciles**
The orchestration layer handles:
* Protocol translation between LDAP (what TAK wants) and OIDC (what Entra ID speaks)
* Schema mapping between enterprise identity attributes and TAK user properties
* Failover logic that routes authentication to the right IDP based on connectivity
* Reconciliation when edge operations reconnect to home station
## Step-by-Step: How It Works
**1. Normal operation**
User launches ATAK and authenticates. The authentication request goes to the Strata orchestration layer, which translates from LDAP to OIDC and validates against Entra ID. TAK receives the identity assertions it expects. The user appears as their real identity, not a callsign.
**2. Health monitoring**
The orchestration layer continuously monitors the link to Entra ID. Latency, error rates, and availability are tracked against configurable thresholds.
**3. Degradation detected**
When the link to Entra ID becomes unreliable, the system prepares for failover. Active sessions are preserved.
**4. Local takeover**
Authentication routes to edge Keycloak. The Schema Abstraction Layer ensures users receive the same identity assertions. CAC/PKI, FIDO2, and certificate-based flows work normally. Policies continue to be enforced.
**5. Local logging**
Every authentication decision is captured at the edge. User identity, timestamp, resource accessed, decision made. The audit trail is complete even while disconnected.
**6. Connectivity returns**
When the link to Entra ID is restored, reconciliation begins. Edge logs are validated in a staging area before updating enterprise systems. Any identity changes made at the edge synchronize back to Entra ID.
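The following Python sketch is an added, constructed example (not Strata's code) that walks through steps 2 to 6 above: a probe window decides whether the Entra ID link is degraded, authentication routes to the primary or the edge IDP accordingly, decisions made while disconnected are logged locally, and reconciliation validates those records in staging and flags conflicts instead of overwriting home-station records. Thresholds, IDP names and record fields are assumptions.

```python
from collections import deque


class IdpRouter:
    """Constructed illustration of the failover and reconciliation steps (not Strata's implementation)."""

    def __init__(self, max_latency_ms=800.0, max_error_rate=0.2, window=5):
        # Assumed definition of "degraded": average latency or failure rate over
        # the last `window` probes exceeds the configured threshold.
        self.max_latency_ms, self.max_error_rate = max_latency_ms, max_error_rate
        self.probes = deque(maxlen=window)   # (latency_ms, probe_ok)
        self.enterprise_log = []             # records already held at home station
        self.edge_log = []                   # decisions captured while disconnected

    def record_probe(self, latency_ms, ok):
        """Step 2: every health probe of the Entra ID link lands in the window."""
        self.probes.append((latency_ms, ok))

    def primary_healthy(self):
        """Step 3: degraded when failure rate or average latency crosses a threshold."""
        if not self.probes:
            return True
        failures = sum(1 for _, ok in self.probes if not ok)
        if failures / len(self.probes) > self.max_error_rate:
            return False
        latencies = [ms for ms, ok in self.probes if ok]
        if not latencies:
            return False
        return sum(latencies) / len(latencies) <= self.max_latency_ms

    def authenticate(self, user, resource, ts):
        """Steps 1, 4 and 5: pick the IDP and log the decision where it was made."""
        idp = "entra-id" if self.primary_healthy() else "keycloak-edge"
        record = {"user": user, "resource": resource, "ts": ts, "idp": idp, "decision": "allow"}
        (self.enterprise_log if idp == "entra-id" else self.edge_log).append(record)
        return idp

    def reconcile(self):
        """Step 6: validate edge records in staging; conflicts are flagged, never merged."""
        staging, self.edge_log = self.edge_log, []
        known = {(r["user"], r["ts"]) for r in self.enterprise_log}
        accepted, conflicts = [], []
        for r in staging:
            valid = bool(r["user"]) and r["ts"] >= 0 and r["decision"] in ("allow", "deny")
            if not valid or (r["user"], r["ts"]) in known:
                conflicts.append(r)  # fails validation or collides with a home-station record
            else:
                self.enterprise_log.append(r)
                known.add((r["user"], r["ts"]))
                accepted.append(r)
        return len(accepted), conflicts
```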
## What Commanders and Operators Get
**Reliable access**
TAK/ATAK works with enterprise-grade authentication even when cloud links fail. Operators don’t get locked out at the worst possible moment.
**Real identities**
Every user is who they say they are. CAC or FIDO2-authenticated, enterprise-verified, attributable. Not “Truck.”
**Local policy enforcement**
Access rules defined in the enterprise apply at the edge. If someone shouldn’t access a resource at home station, they can’t access it in the field.
**Full audit trail**
Every authentication, every access decision, captured and reconciled. Compliance requirements are satisfied even for disconnected operations.
**Safer recovery**
When connectivity returns, changes merge cleanly. The staging area prevents edge data from corrupting enterprise records. Conflicts are flagged for resolution.
## Deployment Checklist
**1. Configure Entra ID as the authoritative IDP**
Establish Entra ID as your enterprise identity source. Define user attributes, group memberships, and access policies.
**2. Deploy Keycloak to edge nodes**
Keycloak runs on compact deployable compute at tactical locations. Configure CAC/PKI, FIDO2, and certificate-based authentication to match enterprise requirements.
**3. Install Strata orchestration**
The orchestration layer deploys between TAK/ATAK and your IDPs. It handles protocol translation, failover logic, and reconciliation.
**4. Configure health checks and failover triggers**
Define what “degraded” means for your operations. Set thresholds that trigger automatic failover to edge Keycloak.
**5. Establish reconciliation procedures**
Document how edge operations merge with enterprise systems. Define the staging area, validation steps, and conflict resolution workflow.
**6. Test before deployment**
Run failover simulations. Verify that TAK/ATAK continues working when Entra ID is unreachable. Confirm audit logs capture correctly and reconciliation works.
## What Changes for the Operator
With identity orchestration in place, the day-to-day experience for TAK/ATAK users shifts in concrete ways:
* **Real names, not callsigns**: Every authenticated user appears as a verified enterprise identity, traceable, auditable, and tied to your IDP
* **No login interruptions during failover**: When Entra ID goes unreachable, Keycloak picks up authentication at the edge without the operator noticing
* **One credential, any network**: Whether connected to enterprise cloud or running air-gapped, modern authentication methods like phishing-resistant FIDO2 and mobile biometrics work the same way
* **Compliance without friction**: Commanders get the audit trail they need without adding steps for the warfighter
## Bottom Line
TAK and ATAK are critical tactical systems. They shouldn’t be limited by legacy identity protocols. Strata’s identity orchestration brings enterprise authentication to TAK/ATAK—with Entra ID as the primary IDP, Keycloak as the edge failover, and full protocol translation that makes it all work without changing the applications.
Real identities. Real audit trails. Real Zero Trust at the tactical edge.
The post Secure Identity for TAK/ATAK at the Tactical Edge appeared first on Strata.io.
This is a Security Bloggers Network syndicated blog from Strata.io authored by Michael Wallen. Read the original post at: https://www.strata.io/blog/continuity/secure-identity-for-tak-atak-at-the-tactical-edge/