BeyondTrust achieves Common Criteria Certification

Common Criteria certification of PowerBroker for Unix & Linux reduces implementation time and complexity for government agencies and enterprises.

  • 8 years ago Posted in
BeyondTrust says that its PowerBroker privileged access management platform for Unix and Linux systems has received Common Criteria certification. Achievement of this certification helps to assure that government agencies and global enterprises can confidently procure and use PowerBroker for Unix & Linux to secure their environments against the threat of privileged account compromise without the added cost and complexity of additional product testing.
 
Common Criteria is the foundation for the widest-available mutual international recognition of secure IT products. Its goals include improving the availability of security-enhanced IT products, and supporting more efficient procurement of solutions.
 
The Leidos (formerly SAIC) Common Criteria Testing Laboratory conducted the testing of PowerBroker for Unix & Linux, and the National Information Assurance Partnership (NIAP), the United States approving authority, granted the Common Criteria certificate (# 10691) that became effective on August 30, 2016. PowerBroker for Unix and Linux achieved protection profile certification in Enterprise Security Management - Policy Management Version 2.1, and U.S. Government Approved Protection Profile - Protection Profile for Enterprise Security Management-Access Control Version 2.1.
 
“Our government information systems are under constant attack. Agencies depend on the Common Criteria Certification to ensure the solutions they select perform securely and as promised. BeyondTrust takes seriously efforts by Federal Government and global enterprises to thwart cyber attackers’ attempts to gain access to sensitive data and systems,” said Jeff Phillips, Federal Director, BeyondTrust. “The Common Criteria certification helps organizations procure IT products with confidence and efficiency. Now organizations can be completely confident that PowerBroker will enable them to secure their Unix and Linux environments against insider threats and prevent unauthorized access to critical information systems.”
 
A Better Alternative to Sudo
Organizations must secure the use of root account privileges for operational, security and compliance reasons. The common approach is to use Sudo – a free, unsupported utility that comes with all Unix and Linux hardware. While Federal agencies make selecting the most cost effective solutions a priority, there are significant risks involved in reliance on free, unsupported tools that cannot scale or provide secure automation for mission-critical systems.
 
PowerBroker for Unix & Linux enables system administrators to delegate Unix and Linux privileges and authorization without disclosing passwords for root or other accounts. The solution can also record all privileged sessions for audits, including keystroke information. This enables organizations to meet the privileged access control requirements of government and industry mandates including FISMA, SOX, HIPAA, PCI DSS, GLBA, PCI, and FDCC.
 
Government agencies and enterprises can rely on PowerBroker to achieve least privilege on Unix and Linux systems, which nearly every recent Federal Cybersecurity mandate stresses as being a critical step to securing information systems.
 
“Government is very focused in improving efficiency, cost savings and security in all information technology procurements,” added Phillips. “Devoting time and resources to independently testing solutions adds unnecessary complexity and costs to the selection process. Utilizing Common criteria certified vendors helps them more effectively secure and modernize their IT systems.”
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Trend Micro has released new research detailing the murky cybercrime supply chain behind much of...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...
State of Industrial Cybersecurity report reveals only 21% of organizations achieved full maturity...