Common Criteria certification of PowerBroker for Unix & Linux reduces implementation time and complexity for government agencies and enterprises
PHOENIX, September 12, 2016 – BeyondTrust, the leading cyber security company dedicated to preventing privilege misuse and stopping unauthorized access, announced today its PowerBroker privileged access management platform for Unix and Linux systems has received Common Criteria certification. Achievement of this certification helps to assure that government agencies and global enterprises can confidently procure and use PowerBroker for Unix & Linux to secure their environments against the threat of privileged account compromise without the added cost and complexity of additional product testing.
Common Criteria is the foundation for the widest-available mutual international recognition of secure IT products. Its goals include improving the availability of security-enhanced IT products, and supporting more efficient procurement of solutions.
The Leidos (formerly SAIC) Common Criteria Testing Laboratory conducted the testing of PowerBroker for Unix & Linux, and the National Information Assurance Partnership (NIAP), the United States approving authority, granted the Common Criteria certificate (# 10691) that became effective on August 30, 2016. PowerBroker for Unix and Linux achieved protection profile certification in Enterprise Security Management - Policy Management Version 2.1, and U.S. Government Approved Protection Profile - Protection Profile for Enterprise Security Management-Access Control Version 2.1.
“Our government information systems are under constant attack. Agencies depend on the Common Criteria Certification to ensure the solutions they select perform securely and as promised. BeyondTrust takes seriously efforts by Federal Government and global enterprises to thwart cyber attackers’ attempts to gain access to sensitive data and systems,” said Jeff Phillips, Federal Director, BeyondTrust. “The Common Criteria certification helps organizations procure IT products with confidence and efficiency. Now organizations can be completely confident that PowerBroker will enable them to secure their Unix and Linux environments against insider threats and prevent unauthorized access to critical information systems.”
A Better Alternative to Sudo
Organizations must secure the use of root account privileges for operational, security and compliance reasons. The common approach is to use Sudo – a free, unsupported utility that comes with all Unix and Linux hardware. While Federal agencies make selecting the most cost effective solutions a priority, there are significant risks involved in reliance on free, unsupported tools that cannot scale or provide secure automation for mission-critical systems.
PowerBroker for Unix & Linux enables system administrators to delegate Unix and Linux privileges and authorization without disclosing passwords for root or other accounts. The solution can also record all privileged sessions for audits, including keystroke information. This enables organizations to meet the privileged access control requirements of government and industry mandates including FISMA, SOX, HIPAA, PCI DSS, GLBA, PCI, and FDCC.
Government agencies and enterprises can rely on PowerBroker to achieve least privilege on Unix and Linux systems, which nearly every recent Federal Cybersecurity mandate stresses as being a critical step to securing information systems.
“Government is very focused in improving efficiency, cost savings and security in all information technology procurements,” added Phillips. “Devoting time and resources to independently testing solutions adds unnecessary complexity and costs to the selection process. Utilizing Common criteria certified vendors helps them more effectively secure and modernize their IT systems.”
For more information on the Common Criteria Arrangement, visit: https://www.commoncriteriaportal.org/.
BeyondTrust is a global cyber security software company that helps organizations prevent cyber-attacks and unauthorized data access due to privilege abuse. Our solutions give you the visibility to confidently reduce risks and the control to take proactive, informed action against data breach threats. And because threats can come from anywhere, we built a platform that unifies the most effective technologies for addressing both internal and external risk: Privileged Access Management and Vulnerability Management. Our solutions grow with your needs, making sure you maintain control no matter where your company goes. BeyondTrust’s security solutions are trusted by over 4,000 customers worldwide, including half of the Fortune 100. To learn more about BeyondTrust, please visit www.beyondtrust.com.