Ascertia is delighted to announce that the Common Criteria certification for our ADSS CA/PKI Server has been upgraded.
The product, which provides trust services to support digital business, just became even more secure - it's now certified to EAL4+ ALC_FLR.3!
By leveraging strong encryption, digital signatures and certificate management, Ascertia's ADSS CA/PKI Server provides peace of mind that sensitive data, transactions and remote access are fully protected.
The server enables our customers to ensure they meet their regulatory obligations, secure their business against threats and build a trusted infrastructure for users, devices and applications. They can confidently scale their business while reducing reliance on outdated security methods.
What does this mean?
We've previously explained the importance of Common Criteria's standardised framework for evaluating the security of information technology products and systems. EAL4+ is a security level within this framework, and ALC_FLR.3 is a security objective within it.
EAL4+ stands for Enhanced Assurance Level 4+, representing a high level of security assurance. It requires intense testing and evaluation to ensure that the product or system meets specific security requirements.
ALC_FLR.3 stands for Assurance Level Category: Functional Requirements, Family 3: Life Cycle. This security objective requires that the product or system has a well-defined life cycle process, including development, testing, deployment and maintenance. This ensures that security is considered throughout the product's lifecycle, reducing the risk of vulnerabilities and attacks.
Why is EAL4+ ALC_FLR.3 important?
- Enhanced security - A product or system has a strong commitment to security throughout its lifecycle by meeting this requirement.
- Compliance - Many organisations, especially in regulated industries, require products and systems to meet specific security standards. EAL4+ ALC_FLR.3 can help organisations demonstrate compliance with these standards.
- Trust and confidence - A product or system that has achieved EAL4+ ALC_FLR.3 builds trust and confidence among users and customers due to the high testing standards.
EAL4+ ALC_FLR.2 requires that the product or system has a documented life cycle process, including development, testing, deployment and maintenance.
EAL4+ ALC_FLR.3 goes a step further by requiring that the product or system has a well-defined and documented life cycle process, including specific activities and procedures for each phase of the lifecycle. This level provides a more comprehensive and detailed description of the life cycle process, ensuring that security is considered throughout.
Ascertia is committed to providing the highest levels of security and compliance. EAL4+ ALC_FLR.3 assures customers that ADSS CA/PKI Server has a robust and secure life cycle process.
Interested in learning how ADSS CA/PKI Server can help your business? Find out more.
