Press Release

RSA Adaptive Authentication and Data Loss Prevention Solutions Awarded Common Criteria Certification

BEDFORD, MA. — September 28, 2009 — The RSA® Adaptive Authentication solution and the RSA® Data Loss Prevention (DLP) Suite from RSA, The Security Division of EMC (NYSE: EMC), have been certified to meet the security requirements defined by the Common Criteria Evaluation and Validation Scheme (CCEVS). Common Criteria is a globally accepted standard for evaluating the security features and capabilities of information technology products.

BEDFORD, MA., September 28, 2009 - 

The RSA® Adaptive Authentication solution and the RSA® Data Loss Prevention (DLP) Suite from RSA, The Security Division of EMC (NYSE: EMC), have been certified to meet the security requirements defined by the Common Criteria Evaluation and Validation Scheme (CCEVS). Common Criteria is a globally accepted standard for evaluating the security features and capabilities of information technology products.
U.S. federal agencies are increasingly offering online portals for both citizens and non-governmental organizations to access sensitive information and to advance the access and exchange of sensitive information across agencies. However, external threats such as cyber attacks continue to increase and grow more sophisticated, creating a significant challenge for the safeguard of social security numbers, confidential intelligence reports and other sensitive data. In addition, insider risk can cause accidental leakage or misuse of sensitive data as it is collected, stored and shared. These external and internal threats can be mitigated by the RSA Adaptive Authentication solution and the RSA Data Loss Prevention Suite.
“RSA continuously works to provide organizations within the public and private sectors with solutions that meet key standards, including those that require third-party-validation.,” said Sam Curry, Vice President of Product Management at RSA. “Critical to this success are Common Criteria certifications that meet U.S. federal agency requirements for the evaluation and purchase of information security technologies.”

Common Criteria Certification

The CCEVS is an internationally recognized ISO standard (ISO/IEC15408) used by governments and other organizations to assess the security and assurance of technology products. Common Criteria certification provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard manner. In the United States, federal agencies mandate that all IT products purchased by the government for national security systems, which handle classified and some non-classified information, are Common Criteria certified.
To gain compliance, a product’s security features are evaluated by an accredited commercial testing lab using Common Evaluation methodology. This is followed by an independent validation of evaluation results via Common Criteria authorized schemes, assessing the results of security evaluations conducted by licensed, independent labs. The resulting certification and validation report demonstrates conformance to Common Criteria.

Common Criteria Certified Solutions from RSA
  • RSAAdaptive Authentication (on premise) is a risk-based authentication and fraud detection platform used by more than 8,000 organizations, authenticating over 250 million users including many government agencies. Through risk indicators powered by the RSA® Risk Engine, such as device identification, IP geo-location, behavioral profiling, and fraud data from the RSA eFraudNetworkTM community Adaptive Authentication is able to protect government portals against advanced cyber threats.
  • The RSA Data Loss Prevention (DLP) Suite helps uncover organizational risk associated with the loss of sensitive data and dynamically lowers that risk through policy-based remediation and enforcement of controls across the enterprise. The Suite includes RSA® Data Loss Prevention Endpoint, RSA® Data Loss Prevention Network, and RSA® Data Loss Prevention Datacenter – all managed by the RSA Data Loss Prevention Enterprise Manager.
  • RSADigital Certificate Solutions are interoperable modules designed to manage digital certificates and create an environment for authenticated, private and legally binding electronic communications and transactions.
Currently Under Official Evaluation for Common Criteria Certification:
  • RSA enVision® platform
  • RSA Access Manager

About EMC

RSA, The Security Division of EMC, is the expert in information-centric security, enabling the protection of information throughout its lifecycle. RSA enables customers to cost-effectively secure critical information assets and online identities wherever they live and at every step of the way, and manage security information and events to ease the burden of compliance.

RSA offers industry-leading solutions in identity assurance and access management, encryption, security information management and anti-fraud protection, bringing trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.

Press Contacts

Kerry Walker 
Outcast Communications
617-201-7494
kerry@outcastpr.com

David Seuss
RSA, The Security Division of EMC
781-515-6279 
david.seuss@rsa.com

RSA and enVision are either registered trademarks or trademarks of RSA Security, Inc. in the U.S. and/or other countries. EMC is a registered trademark of EMC Corporation. All other trade names and trademarks are the property of their respective holders.

Notes: