As high-profile information leaks and cybercrimes proliferate, government agencies face the tall responsibility of protecting increasing amounts of data from progressively complex threats. One important way governments are doing this is by creating and continuing to update rigorous security standards by which all of their information systems must comply. In the United States, two leading Symantec products that keep information systems safe–Symantec Shared Service Provider PKI and Symantec Non-Federal Shared Service Provider PKI Service – received a critical U.S. government certification for use by federal agencies and their contractors.
The products received a FISMA certification, which is short for the Federal Information Security Management Act. FISMA requires federal agencies and those who work with them to adhere to safety guidelines set by the National Institute of Standards and Technology (NIST). These standards cover multiple security controls, such as access control management, audits and accountability and configuration management.
“Governments are in a virtual race to protect their information from a diverse set of threats, including hostile cyber-attacks, natural disasters, structural failures and human errors,” said Gigi Schumm, Vice President and General Manager, US Public Sector for Symantec. “They need trustworthy systems that can guard against targeted attacks, and the FISMA certification proves that we have really robust products to address their needs.”
The products that received the FISMA certification are known as PKI, or public key infrastructure, products. This refers to a system of digital certificates and registrations that verify parties involved in an Internet transaction.The Symantec Shared Service Provider PKI Service offer federal agencies three key benefits:
- Cost-Effectiveness: By leveraging the Symantec Shared Service Provider PKI Service, federal and non-federal agencies save significantly versus implementing and managing their own PKI environment.
- Rapid Deployment: Agencies can issue PKI-based credentials within days of signing up for the Symantec Shard Service Provider PKI Service.
- Mission-Critical Reliability: The service delivers reliability and availability levels that help meet mission-critical needs, including 24x7x365 monitoring, management, archiving and full disaster recovery.
VeriSign® Non-Federal Shared Service Provider Public Key Infrastructure (SSP PKI) Service offers the same benefits to non-federal organizations, such as state and local governments, government contractors, universities and health care providers that require an enterprise PKI solution and secure interoperability with the U.S. federal government.
Other Symantec products that just achieved government certification standards around the world include:
- The Control Compliance Suite 11.0 is now FSTEC-certified in Russia. FSTEC is Russia’s Federal Service for Technology and Export Control.
- A range of Norton protection products – Norton 360 21, Norton Antivirus 21, Norton Internet Security 21 and Norton Security Scan 4 – received China’s Ministry of Public Security (MOPS) certification, along with Symantec Security Information Manager 4.8.
Dr. Rose Quijano-Nguyen, Principal Certification Strategist – Global Targeted Offerings, Symantec Corp.