Owner-controlled Zero Trust for federal, state & local
Faction delivers enterprise-grade Zero Trust at a fraction of the cost of Enterprise SDN or ZTNA — protecting your vulnerable OT & IoT, data, and communications without rip-and-replace
Public-sector organizations carry strict obligations and high-value targets — federal, state, and local — often with constrained budgets and aging systems. Faction provides an architecture where trust is owned and controlled by the organization, and protection extends to the OT, IoT, and legacy systems traditional tools can't reach.
Public-sector networks are a top target. State-sponsored actors — the campaign known as Volt Typhoon — have pre-positioned inside U.S. critical infrastructure, and Salt Typhoon penetrated major telecom networks in one of the most damaging breaches in memory. The FCC has determined that foreign-made routers pose an unacceptable national-security risk, and many are already in public networks.
Disrupted services
Citizen services and operations knocked offline when systems go down.
Compromised data
Citizen and mission data exposed or exfiltrated.
Cross-agency spread
A breach in one system reaching others through shared dependencies.
Public trust
Eroded confidence in the institutions people depend on.
Networking
- Legacy and OT systems spread across facilities and field sites
- Shared services whose compromise can cross agency boundaries
- Foreign-made routers now flagged as a national-security risk, already in public networks
- Secure remote and field access for staff and contractors
Devices
- Building controls — HVAC, power, access control, elevators
- Legacy systems on unsupported or unpatchable operating systems
- Everyday smart gear — printers, cameras, UPS — used as a way in
- Field and remote endpoints beyond the office
Data
- Citizen records and mission data kept confidential
- Communications between agencies and partners
- Data downloaded onto contractor and staff BYOD devices
- Controlled, auditable sharing across organizations
Virtual Private Circuit (VPC)
Take agency networks, applications, and devices off the public internet into a circuit only you can see and reach — then segment and micro-segment it with Groups, so a compromise in one area can't cross into another.
- IT, OT, and legacy systems on one circuit
- No public exposure to scan or reach
- Identity-based access between segments
- No shared control plane to cross agencies
Owner-Held Keys & Zero Knowledge
Encryption keys are created and held by the organization and never leave your devices. Faction routes traffic but has no access to what you protect.
- Citizen and mission data encrypted end to end
- Keys stay with the agency, not a vendor
- Encrypted in transit and at rest
- No third party in your trust path
Zero Trust, Identity-Based Access
Every user and device is authenticated and authorized; nothing anonymous can reach the circuit — aligning directly with federal Zero Trust direction.
- Out-of-band Zero Trust authentication
- Scoped, time-limited contractor access with audit trails
- Step-up to verified human identity (iValt, roadmap)
- No anonymous movement on the network
Cyber-Assured Hardware — Pods & Portals
Faction's own purpose-built, Cyber-Assured networking hardware brings legacy and OT systems into the circuit with no agent — and is trusted hardware by design, a direct answer to the foreign hardware now flagged by the FCC.
- Reach building controls and legacy systems
- No agent, no patching of the device
- US-made, independently source-inspected
- A trusted alternative to flagged consumer hardware
Encrypted Data & Ransomware-Proof Backup
The Faction Data Security Suite keeps files, email, and media encrypted under your keys — and backs them up where only you can decrypt them.
- Keep the email and cloud tools staff already use
- Every file encrypted under your own keys
- Owner-keyed backup that can't be ransomed
- Share across agencies without broad exposure
Factionize your infrastructure — don't rip and replace it
What about the foreign-made routers on the FCC's Covered List, or the decades-old systems agencies can't simply retire? Ripping out and replacing infrastructure that delivers public services is slow, expensive, and disruptive.
Factionizing is the faster, lower-cost path. Faction services and software secure the systems you already run — and replace only what genuinely can't be secured — bringing public infrastructure to a Zero Trust, Cyber-Assured state with minimal disruption.
- Secure existing networking hardware in place rather than replacing it.
- Replace only what can't be brought up to standard — with Cyber-Assured Pods & Portals.
- No rip-and-replace project and no service interruption.
- Reach Zero Trust on your timeline and budget.
Supports federal & SLED requirements
Cryptographic isolation, owner-held keys, and identity-based access map to the mandates public-sector organizations answer to — applied to the OT, IoT, and legacy systems traditional tools can't reach.
Controlled Unclassified Information protected with owner-held keys and scoped access.
Access control and system & communications protection mapped by the architecture itself.
Identity-based, least-privilege access; nothing anonymous reaches a system.
Full, scoped logs of who and what reached each system.
Scope and time-limit access for vendors and contractors, with audit trails.
Foreign-made routers pose clear risks and must be phased out. Factionize or drop in Pods & Portals to mitigate — without rip & replace.
Take action
With state-sponsored threats at unprecedented levels and federal Zero Trust mandates in force, Faction lets you adopt owner-controlled Zero Trust rapidly and affordably across IT, OT, and legacy systems. Contact us for a consultation tailored to your mission and compliance needs.