Common Criteria Is an Important Security StandardCommon Criteria is an internationally-recognized computer security standard (also ISO 15408) that includes stringent review and testing. It is the foundation for the widest-available mutual international recognition of secure IT products, and achievement of this certification helps to assure that government agencies and global enterprises alike can confidently procure and use solutions without the added cost and complexity of additional product testing.
Why Certification MattersMany governments, including the US Federal Government and Department of Defense, require that products be Common Criteria certified for use. In SP800-53, NIST notes, “Organizations can obtain significant benefit from the acquisition and employment of information technology products evaluated against the requirements of ISO/IEC 15408. The use of such products can provide evidence that certain security controls are implemented correctly, operating as intended, and producing the desired effect in satisfying stated security requirements.”
Benefits of Using Common CriteriaOrganizations of all types can benefit from utilizing Common Criteria in their product evaluations.
- Faster time to value. By relying on the certification evidence as one element of a selection process, organizations can reduce the time and associated complexities required for testing, helping them speed the selection and deployment processes.
- Less cost. Since certified solutions have been thoroughly evaluated by an independent third-party laboratory, organizations can eliminate the cost associated with additional third-party evaluations.
- Less risk. Thorough review, testing, and evaluation ensure that organizations have a complete picture of the impact of a solution on their environment, and can properly plan for infrastructure needs in advance.
Password Safe Certification DetailsThe Leidos Common Criteria Testing Laboratory conducted the testing of PowerBroker Password Safe and granted the Common Criteria certificate (# 383-4-412) that became effective on June 29, 2018. PowerBroker Password Safe achieved certification using the Standard Protection Profile for Enterprise Security Management Identity and Credential Management, Version 2.1, 24 October 2013, and the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 4.
Password Safe Joins the Rest of the Powerbroker Platform in Common Criteria CertificationAs announced previously, BeyondTrust has earned Common Criteria certification for:
- PowerBroker for Unix & Linux
- PowerBroker for Windows
- PowerBroker Auditing & Security Suite
- UVM 50 appliance