WinMagic's SecureDoc Earns Common Criteria EAL 4 Certification

WinMagic announces that SecureDoc has earned Common Criteria Evaluation Assurance Level 4 (EAL 4) Certification. The certification was performed by DOMUS IT Security Laboratory, a division of Nuvo, which is accredited to perform Common Criteria evaluations on behalf of the Communications Security Establishment. The successfully-completed testing assures SecureDoc users and the WinMagic customer base, within and outside of the government sector, that SecureDoc has gone through a strenuous and rigorous testing process and conforms to IT security standards sanctioned by the International Standards Organization (ISO 15408). In providing a broad range of evaluation criteria for many types of commercial and government-grade IT security products, EAL 4 is the highest level that is recognized in over 20 countries worldwide.

With this certification, WinMagic can unequivocally state that SecureDoc
implements the following Security Policies:
- Access Control: Implements a set of rules that determines what kind of access an authenticated user has to a security-relevant object;
- Identification and Authentication: Requires a user to authenticate at pre-boot prior to any other actions involving encryption/decryption access of protected data;
- Cryptographic Keys Management: Denies access to cryptographic keys and encrypted data unless the user is successfully authenticated and has appropriate privileges;
- Audit Security: Tracks and saves security related transactions and saves them in a protected storage area. The audit log is restricted and can only be viewed by authorized users. The audit information provides a time stamp as to when the transaction was filed, and the event information of the transaction.

The evaluation analysis activities involved a structured evaluation of SecureDoc, including the following areas: configuration management, secure delivery and operation, design documentation, guidance documents, life-cycle support, and vulnerability assessment per the Common Evaluation Methodology for Common Criteria version 2.3.

The Common Criteria is meant to be used as the basis for evaluation of security properties of IT products and systems. By establishing such a Common Criteria base, the results of an IT security evaluation will be meaningful to a wider audience. This announcement today underscores WinMagic's commitment to the Common Criteria process and to open standards. This milestone compliments the ongoing advances in software quality, robustness, and functionality ultimately benefiting organizations serious about security, not though obscurity.

Designed from the ground up to seamlessly integrate with all editions of Microsoft Windows Vista/XP/2000 at preboot, SecureDoc prevents unauthorized access to personal identifiable information and sensitive data resulting from lost notebooks, USB thumb drives, CD/DVDs, and USB flash drives. Working at the pre-boot level, SecureDoc makes it simple to incorporate single- or multi-factor authentication through passwords, USB tokens, smart cards, biometrics, and PKI technology.

write your comments about the article :: 2007 Computing News :: home page