BEDFORD, MA. - September 28, 2009 -
The RSA® Adaptive Authentication solution and the RSA® Data Loss Prevention (DLP) Suite from RSA, The Security Division of EMC (NYSE: EMC), have been certified to meet the security requirements defined by the Common Criteria Evaluation and Validation Scheme (CCEVS). Common Criteria is a globally accepted standard for evaluating the security features and capabilities of information technology products.
U.S. federal agencies are increasingly offering online portals for both citizens and non-governmental organizations to access sensitive information and to advance the access and exchange of sensitive information across agencies. However, external threats such as cyber attacks continue to increase and grow more sophisticated, creating a significant challenge for the safeguard of social security numbers, confidential intelligence reports and other sensitive data. In addition, insider risk can cause accidental leakage or misuse of sensitive data as it is collected, stored and shared. These external and internal threats can be mitigated by the RSA Adaptive Authentication solution and the RSA Data Loss Prevention Suite.
“RSA continuously works to provide organizations within the public and private sectors with solutions that meet key standards, including those that require third-party-validation.,” said Sam Curry, Vice President of Product Management at RSA. “Critical to this success are Common Criteria certifications that meet U.S. federal agency requirements for the evaluation and purchase of information security technologies.”Common Criteria Certification
The CCEVS is an internationally recognized ISO standard (ISO/IEC15408) used by governments and other organizations to assess the security and assurance of technology products. Common Criteria certification provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard manner. In the United States, federal agencies mandate that all IT products purchased by the government for national security systems, which handle classified and some non-classified information, are Common Criteria certified.
To gain compliance, a product’s security features are evaluated by an accredited commercial testing lab using Common Evaluation methodology. This is followed by an independent validation of evaluation results via Common Criteria authorized schemes, assessing the results of security evaluations conducted by licensed, independent labs. The resulting certification and validation report demonstrates conformance to Common Criteria.Common Criteria Certified Solutions from RSA
Currently Under Official Evaluation for Common Criteria Certification:
- RSAAdaptive Authentication (on premise) is a risk-based authentication and fraud detection platform used by more than 8,000 organizations, authenticating over 250 million users including many government agencies. Through risk indicators powered by the RSA® Risk Engine, such as device identification, IP geo-location, behavioral profiling, and fraud data from the RSA eFraudNetworkTM community Adaptive Authentication is able to protect government portals against advanced cyber threats.
- The RSA Data Loss Prevention (DLP) Suite helps uncover organizational risk associated with the loss of sensitive data and dynamically lowers that risk through policy-based remediation and enforcement of controls across the enterprise. The Suite includes RSA® Data Loss Prevention Endpoint, RSA® Data Loss Prevention Network, and RSA® Data Loss Prevention Datacenter – all managed by the RSA Data Loss Prevention Enterprise Manager.
- RSADigital Certificate Solutions are interoperable modules designed to manage digital certificates and create an environment for authenticated, private and legally binding electronic communications and transactions.
- RSA enVision® platform
- RSA Access Manager
, a part of , enables organizations to modernize, automate and transform their using industry-leading , servers, and data protection technologies. This provides a trusted foundation for businesses to transform IT, through the creation of a , and transform their business through the creation of cloud-native applications and solutions. Dell EMC services customers across 180 countries – including 98 percent of the Fortune 500 – with the industry’s most comprehensive and innovative portfolio from edge to core to cloud.