The RSA® Adaptive Authentication solution and the RSA® Data Loss Prevention (DLP) Suite from RSA, The Security Division of EMC (NYSE: EMC), have been certified to meet the security requirements defined by the Common Criteria Evaluation and Validation Scheme (CCEVS). Common Criteria is a globally accepted standard for evaluating the security features and capabilities of information technology products.
U.S. federal agencies are increasingly offering online portals for both citizens and non-governmental organizations to access sensitive information and to advance the access and exchange of sensitive information across agencies. However, external threats such as cyber attacks continue to increase and grow more sophisticated, creating a significant challenge for the safeguard of social security numbers, confidential intelligence reports and other sensitive data. In addition, insider risk can cause accidental leakage or misuse of sensitive data as it is collected, stored and shared. These external and internal threats can be mitigated by the RSA Adaptive Authentication solution and the RSA Data Loss Prevention Suite.
“RSA continuously works to provide organizations within the public and private sectors with solutions that meet key standards, including those that require third-party-validation.,” said Ahmed Abdella, Regional Manager – Middle East, North and West Africa, RSA. “Critical to this success are Common Criteria certifications that meet U.S. federal agency requirements for the evaluation and purchase of information security technologies.”
Common Criteria Certification
The CCEVS is an internationally recognized ISO standard (ISO/IEC15408) used by governments and other organizations to assess the security and assurance of technology products. Common Criteria certification provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard manner. In the United States, federal agencies mandate that all IT products purchased by the government for national security systems, which handle classified and some non-classified information, are Common Criteria certified.
To gain compliance, a product’s security features are evaluated by an accredited commercial testing lab using Common Evaluation methodology. This is followed by an independent validation of evaluation results via Common Criteria authorized schemes, assessing the results of security evaluations conducted by licensed, independent labs. The resulting certification and validation report demonstrates conformance to Common Criteria.
Common Criteria Certified Solutions from RSA
RSA Adaptive Authentication (on premise) is a risk-based authentication and fraud detection platform used by more than 8,000 organizations, authenticating over 250 million users including many government agencies. Through risk indicators powered by the RSA® Risk Engine, such as device identification, IP geo-location, behavioral profiling, and fraud data from the RSA eFraudNetworkTM community Adaptive Authentication is able to protect government portals against advanced cyber threats.
The RSA Data Loss Prevention (DLP) Suite helps uncover organizational risk associated with the loss of sensitive data and dynamically lowers that risk through policy-based remediation and enforcement of controls across the enterprise. The Suite includes RSA® Data Loss Prevention Endpoint, RSA® Data Loss Prevention Network, and RSA® Data Loss Prevention Datacenter – all managed by the RSA Data Loss Prevention Enterprise Manager.
RSA Digital Certificate Solutions are interoperable modules designed to manage digital certificates and create an environment for authenticated, private and legally binding electronic communications and transactions.
Currently Under Official Evaluation for Common Criteria Certification:
RSA enVision® platform
RSA Access Manager
© 2000 - 2019 Al Bawaba (www.albawaba.com)