CA Technologies announced CA Privileged Access Manager is the first and only security solution for controlling, monitoring and auditing privileged user access to attain Common Criteria certification outlined in the National Information Assurance Partnership (NIAP) Protection Profile for Enterprise Security Management – Policy Management.
Common Criteria is an independent security certification recognized by governments in more than 27 countries. NIAP is responsible for U.S. implementation of the Common Criteria and manages a national program for developing Protection Profiles, evaluation methodologies, and policies that will ensure achievable, repeatable, and testable requirements.
"Privileged access management is a top requirement for most organizations, including governments,” said Vic Mankotia, vice president, Security & API Management, Asia Pacific & Japan, CA Technologies. “The certification resulting from this protection profile evaluation offers government agencies and private sector companies a well-defined and clearly articulated level of confidence in CA Privileged Access Manager.”
According to its website, NIAP has replaced the legacy “robustness” and Evaluation Assurance Level (EAL) criteria with Protection Profiles as the preferred evaluation standard.
CA Privileged Access Manager gained Common Criteria certification based on the results of a Protection Profile evaluation performed by EWA-Canada, an accredited Common Criteria Test Lab based in Ottawa, Canada. The Enterprise Security Management (ESM) - Policy Management protection profile focuses on access control policy definition and management.
“With this certification of Privileged Access Manager, CA Technologies continues its commitment to providing products that have been certified to meet stringent international standards for IT security to support the security of its customers’ systems and data,” said Erin Connor, director of the Common Criteria Test Lab at EWA-Canada. “This certification is doubly important as it represents the first privileged access product to be certified for compliance to the ESM Policy Management Protection Profile and be listed on the NIAP Product Compliant List. We are proud to have been able to help CA achieve this milestone.”