SecureDoc Full-Disk Encryption on Canadian Government's Procurement List

WinMagic announces that its SecureDoc v4.3 full-disk encryption solution has been qualified by the Communications Security Establishment for inclusion on the IT Security Pre-qualified Product List under the IT Security Product Pre-qualification Program. The IPPP is an initiative jointly led by the CSE and Public Works and Government Services Canada to pre-qualify IT security products for use within the Government of Canada.

The objective of the program is to facilitate the procurement of IT security products by GC departments that meet CSE's pre-qualification criteria. IT security products which are to be considered by CSE for placement on the IPPL must meet one or more of the following requirements:
Validation to FIPS 140-1 or FIPS 140-2, or integration of a cryptographic module validated to FIPS 140-1 or FIPS 140-2 under the Cryptographic Module Validation Program (CMVP);
Endorsement under CSE's Cryptographic Endorsement Program (CEP); or
Certification or recognition under the Canadian Common Criteria
Scheme (CCS).

SecureDoc holds not only FIPS 140-2 Level 1 but is also the only full disk encryption solution to achieve Level 2 from the National Institute of Standards & Technology of the US Department of Commerce. SecureDoc has also achieved BITS Tested Mark for use by financial industry, earned Common Criteria Evaluation Assurance Level 4 (EAL 4) Certification (the highest level that is recognized in over 20 countries worldwide), and is the only disk encryption software certified by the NSA to safeguard U.S. government's "SECRET" level data.

SecureDoc also passed a separate examination process performed by the CSE which verified that:
SecureDoc uses FIPS-approved cryptographic algorithms and key management scheme;
SecureDoc does not contain known vulnerabilities which pose unacceptable risks; and
SecureDoc has potential application within the Government of Canada.

Working at the pre-boot level, SecureDoc makes it simple to incorporate single- or multi-factor authentication through passwords, USB tokens, smart cards, biometrics, TPM and PKI technology. SecureDoc also supports removable media including USB thumb drives, flash removable media, and CD/DVDs - enabling organizations to transparently implement IT data security policies that will ensure that all removable media are encrypted to prevent data leakage of personal identifiable information and sensitive data.

Compatible with all editions of Microsoft Windows Vista, XP, and 2000, SecureDoc Enterprise Edition makes it simple to configure user/group profiles, deploy them, and manage them for tens of thousands of users. Remote features permit adding, removing, or augmenting user/group profiles as well as allowing password recovery and integration/synchronization with Active Directory and other LDAP servers.

In addition, it is uniquely positioned to provide the dynamic provisioning of keys and key files to users, and possesses the unique ability to label keys in human readable terms so that they can be easily identified and recognized for encrypted archived data stores. Problems related to unlocking these long term storage archives are solved as the respective encryption key can now be dynamically provisioned. Passwords will not be remembered 20 years from now, but the encryption keys can still be easily identified in human readable text formats.

write your comments about the article :: 2007 Computing News :: home page