SUNNYVALE, Calif., Dec. 4, 2013 -- Centrify Corporation, the leader in Unified Identity Services across data center, cloud and mobile, today announced that its Centrify Server Suite has achieved Common Criteria certification, successfully passing a rigorous evaluation process that includes independent analysis and testing of Centrify Server Suite to validate its security aspects for customers. Customers, including government agencies and associated civilian agencies that are required to purchase only those commercial security products which are certified by Common Criteria, are assured of the robust security capabilities of Centrify Server Suite.
Common Criteria is an international standard (ISO 15408) for evaluating the security properties of IT security products. Common Criteria provides a common set of requirements for the security functionality of these products and for assurance measures applied to these products during a security evaluation. The Common Criteria process establishes confidence that the security functionality of IT products earning certification and the assurance measures applied to these IT products meet the established Common Criteria evaluation requirements. Common Criteria is useful as a guide for the development, evaluation and/or procurement of IT products with security functionality.
“The Common Criteria certification of Centrify Server Suite is an important step because Centrify has now achieved an internationally recognized standard for Active Directory-based access control and role-based privilege management in cross platform environments,” said Erin Connor, Director of the EWA-Canada Common Criteria Test Lab (CCTL) that carried out the evaluation. “Achieving this certification demonstrates Centrify’s commitment to providing high quality security solutions to their customers for the management and protection of critical assets and information.”
The Centrify Server Suite successfully passed rigorous testing by the Certification Body for the Canadian Common Criteria Evaluation and is certified at the EAL (Evaluation Assurance Level) 2+. Centrify was certified using the methodology for EAL 2, and was certified to meet established flaw remediation procedures for the evaluated product. It is listed among products earning certification at: http://www.cse-cst.gc.ca/documents/services/cc/centrify-v20132-eval-eng.pdf.
Centrify’s ongoing commitment to the U.S. Federal Government market is demonstrated by this Common Criteria certification, as well as by last year’s Certificate of Networthiness (CON) from the U.S. Army NETCOM and FIPS 140-2 Level 1 validation. In addition, Centrify also previously received the Department of Defense (DoD) Joint Interoperability Test Command (JITC) certification for support of Common Access Cards (CAC) Smart Cards and strong authentication.
“The Common Criteria process validates the security functions of our solution, and provides confidence that the products customers deploy meet the highest security evaluation standards as measured by the Common Criteria process to best protect their IT infrastructures,” said Matt Hur, Centrify Senior Director of Product Management. “While government is an important market for Centrify, customers in other markets across the board recognize this objective validation of the security of the Centrify solution. We see that many commercial organizations include Common Criteria certification as a requirement in RFPs even if they are not required to do so.” (continued...)