Thales, leader in critical information systems and cybersecurity, announces that its nShield hardware security modules (HSMs) have received Common Criteria Evaluation Assurance Level (EAL) 4+ certification, ensuring customers have the utmost confidence in Thales’s range of advanced cryptographic solutions.
Peter Galvin, vice president strategy, Thales e-Security says: “Thales has long championed best practices and industry standards and this level of security certification demonstrates our commitment to achieving the highest standards and compliance requirements. The use of cryptography, whether it be encryption, strong authentication or digital signing, requires the strict management of cryptographic keys and enforcement of the management policies governing their use.
It is vital that Thales customers have a high level of confidence in the products they buy and independent review of a product’s security properties is a powerful tool in building that confidence. Government agencies and private sector enterprises deploying Thales HSMs can be assured they are implementing the most secure solutions available.”
The international Common Criteria standard was developed to unify and supersede national IT security certification schemes from several different countries, including the US, Canada, Germany, the UK, France, Australia and New Zealand. Common Criteria certified solutions are required by governments and enterprises around the world to protect their mission-critical infrastructures. Common Criteria is often a pre-requisite for qualified digital signatures under the European Union digital signature laws. Under Common Criteria, a product is evaluated to one of seven specific Evaluation Assurance Levels (EALs).
Thales nShield Connect, nShield Connect+, nShield Solo and nShield Solo+ have all been certified to EAL4+, which exceeds the highest level permitted by international mutual recognition arrangements, ensuring customers have the utmost confidence in Thales’s range of advanced cryptographic solutions. By way of this certification, Thales nShield HSMs are recognised as Secure Signature Creation Devices (SSCDs) which earns them eIDAS compliance (Article 51, Transitional Measures). Thales nShield HSMs are also certified to FIPS-140-2 level 3, a standard defined by the US National Institute of Standards and Technology and the most widely adopted security benchmark for cryptographic solutions in government and commercial enterprises.
Thales’s participation in the Common Criteria scheme complements FIPS validation by providing a broader scope for evaluation including further assurance that the product has been developed in accordance with internationally recognized best practice. Organismo di Certificazione della Sicurezza Informatica (OCSI), the Italian technical testing and evaluation standards organization, evaluated Thales nShield HSMs for Common Criteria certification.
For industry insight and views on the latest key management trends check out our blog www.thales-esecurity.com/blogs
Follow Thales e-Security on Twitter @Thalesesecurity, LinkedIn, Facebook and YouTube
About Thales e-Security
Thales e-Security is a leading global provider of digital trust management and data protection solutions that protect the world’s most sensitive applications and information. Thales solutions address identity and privacy related challenges with hardware and software-based encryption, digital signature, and management capabilities. In today’s increasingly connected world, our solutions help thwart today’s targeted attacks and reduce the risk of sensitive data exposure introduced by cloud computing and virtualization, consumer devices in the workplace, increased mobility, big data, and more. Thales e-Security has a worldwide support capability, with regional headquarters in the United States, United Kingdom, and Hong Kong. www.thales-esecurity.com
Thales is a global technology leader for the Aerospace, Transport, Defence and Security markets. With 62,000 employees in 56 countries, Thales reported sales of €14 billion in 2015. With over 22,000 engineers and researchers, Thales has a unique capability to design and deploy equipment, systems and services to meet the most complex security requirements. Its exceptional international footprint allows it to work closely with its customers all over the world.
Positioned as a value-added systems integrator, equipment supplier and service provider, Thales is one of Europe’s leading players in the security market. The Group’s security teams work with government agencies, local authorities and enterprise customers to develop and deploy integrated, resilient solutions to protect citizens, sensitive data and critical infrastructure.
Drawing on its strong cryptographic capabilities, Thales is one of the world leaders in cybersecurity products and solutions for critical state and military infrastructures, satellite networks and industrial and financial companies. With a presence throughout the entire security chain, Thales offers a comprehensive range of services and solutions ranging from security consulting, intrusion detection and architecture design to system certification, development and through-life management of products and services, and security supervision with Security Operation Centres in France, the United Kingdom and The Netherlands.