CREDANT Technologies' Mobile Security Software Receives FIPS 140-2 Validation.DALLAS -- FIPS (Federal Information Processing Standards) A series of publications issed by the U.S. National Institute of Standards and Technology (NIST) that specifies information security guidelines for federal government departments and agencies. Validation Issued for a Common Cryptographic Module Used Across the Windows and Windows CE Platform CREDANT Technologies(R) (www.credant.com), the market leader in software that enables organizations to control security for the mobile enterprise, today announced it has been awarded FIPS 140-2 validation for the CREDANT Cryptographic Kernel for its Microsoft Windows and Windows CE platforms under the joint US National Institute for Standards and Technology (NIST (National Institute of Standards & Technology, Washington, DC, www.nist.gov) The standards-defining agency of the U.S. government, formerly the National Bureau of Standards. It is one of three agencies that fall under the Technology Administration (www.technology. ) and Canadian Communications Security Establishment Noun 1. Communications Security Establishment - Canadian agency that gathers communications intelligence and assist law enforcement and security agencies CSE international intelligence agency - an intelligence agency outside the United States (CSE (Certified Systems Engineer) See Microsoft certification. ) Cryptographic Module Validation Program The Cryptographic Module Validation Program (CMVP) is a joint American and Canadian security accreditation program for cryptographic modules. The program is available to any vendors who seek to have their products certified for use by the U.S. . With the CREDANT Mobile Guardian security and management software platform, U.S. federal agencies governed by FIPS 140-2 security directives and organizations can safely extend sensitive data to mobile professionals -- gaining the benefits of mobility while meeting strict compliance demands. "The implementation of cryptographic operation and random number generation is an extremely important aspect of any security product," said Chris Burchett, vice president, engineering, CREDANT Technologies. "A single mistake in implementation can lead to security holes and disastrous consequences. By our undergoing independent and rigorous government sanctioned testing and validation processes for our Cryptographic Kernel, customers are assured that every CREDANT product is a trusted solution." FIPS140-2 is part of a series of security validation processes for testing computer and network security products. The purpose of the FIPS validation process is to promote quality, confidence, and trust among product manufacturers and to ensure accuracy and consistency by developing standards-based testing procedures to facilitate third-party validation of a product's cryptographic security features. "Trust is a key requirement for security solutions, and enterprises demand products that perform as advertised," said Bob Heard, president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. , CREDANT Technologies. "By achieving FIPS 140-2 validation on the CREDANT Cryptographic Kernel used in all of our products we provide validated trust that allows U.S. federal agencies and commercial businesses to safely deploy mobile computing devices that feature validated, state-of-the-art cryptographic solutions. CREDANT's FIPS-approved algorithms include Triple DES, AES, SHA-1, HMAC-SHA-1 and RNG See RELAX NG. algorithms. A robust mobile security product, CREDANT Mobile Guardian protects the confidentiality of enterprise data stored on laptop and tablet PCs, as well as Pocket PC, PDA (Personal Digital Assistant) A handheld computer for managing contacts, appointments and tasks. It typically includes a name and address database, calendar, to-do list and note taker, which are the functions in a personal information manager (see PIM). and smartphone devices. Encryption policies for users and groups are centrally managed and locally enforced, allowing administrators to define the databases and/or folders where data is to be encrypted when stored on the device or removable media. Transparent to the user, CREDANT Mobile Guardian performs on-the-fly encryption when data is placed in a secure location and on-demand decryption (cryptography) decryption - Any procedure used in cryptography to convert ciphertext (encrypted data) into plaintext. when data is accessed. In addition to real-time encryption, CREDANT Mobile Guardian enforces multiple levels of mandatory access control A system of access control that assigns security labels or classifications to system resources and allows access only to entities (people, processes, devices) with distinct levels of authorization or clearance. These controls are enforced by the operating system or security kernel. across disparate devices, including PIN, password, and question/answer for self-service password reset Self-service password reset is defined as any process or technology that allows users who have either forgotten their password or triggered an intruder lockout to authenticate with an alternate factor, and repair their own problem, without calling the help desk. . Other safeguards control automatic idle time lock-down and fail-safe actions, as well as application and communication method use. More information on the validation can be obtained from http://csrc.nist.gov/cryptval/140-1/1401val2004.htm#452 and http://csrc.nist.gov/cryptval/140-1/140crt/140crt452.pdf. About CREDANT Technologies CREDANT Technologies is the market leader in providing software that enables organizations to control security enterprise-wide for mobile workers by protecting mobile devices, and protecting the enterprise from unsecured mobile devices. The award-winning Enterprise Edition of CREDANT Mobile Guardian protects corporate data with robust cross-platform security for PDAs, smartphones, laptops and tablets and uniquely integrates with enterprise directories for centralized security policy management and administration. Accommodating phased trends in mobile and wireless deployment, the CREDANT Mobile Guardian suite includes Group and Personal Editions, which allow organizations to safely mobilize applications for individuals and groups of users. CREDANT's migration path between its products assures organizations that the solution they select now will support their mobile security requirements long-term. CREDANT is recognized as the visionary leader in mobile data protection by Gartner, and has been selected by Red Herring as one of the top 100 privately held companies for 2004. Customers and strategic partners include Global 2000 companies such as EDS (Electronic Data Systems, Plano, TX, www.eds.com) Founded in 1962 by H. Ross Perot (independent candidate for the President of the U.S. in 1992), EDS is the largest outsourcing and data processing services organization in the country. , Hewlett-Packard, IBM Global Services IBM Global Services is the world's largest business and technology services provider. It is the fastest growing part of IBM, with over 190,000 professionals serving customers in more than 160 countries. , Intel, Microsoft, PalmOne, PalmSource, Schindler Elevator, Symbol and U.S. Army Medical Command. Austin Ventures, Intel Capital and Menlo Ventures are investors in CREDANT Technologies. For more information, visit www.credant.com. CREDANT, CREDANT Technologies, the CREDANT Technologies logo, and the Be Mobile Be Secure tagline are trademarks or registered trademarks of CREDANT Technologies. All other names, brands or products referenced are the service marks, trademarks, or registered trademarks of their respective companies. |
|
Printer friendly
Cite/link
Email
Feedback
Reader Opinion