CloudMask is first in its field to receive Common Criteria Certification
OTTAWA, Ontario, March 1, 2016 /PRNewswire/ -- CloudMask, a cloud data protection platform that assures data protection under breach is the first in its field to achieve Common Criteria Certification (ISO/IEC 15408) an international standard administered by the Cybersecurity agencies of 26 major countries worldwide, including the "Five Eyes."
The Common Criteria is an internationally agreed upon standard representing the highest levels of Cybersecurity. The standards are set through a process of international intergovernmental cooperation and are administered by the top-level security agencies within each member state.
In Canada, the certifying agency is the Communications Security Establishment (CSE), Canada's national Cyber Security agency. In the United Kingdom, it is the Government Communications Headquarters (GCHQ). Similar agencies, such as NIAP-DOD in the United States, ANSSI of France and Germany's BSI, oversee the program in their respective countries. All tests certify that while using CloudMask, user data cannot be seen by the cloud providers, including CloudMask itself, governments, or insiders even if they have full control over the infrastructure.
CloudMask protects confidential information by encrypting and masking data at source and keeping it masked throughout its lifecycle. By masking data, CloudMask renders it useless to intruders thereby ensuring that data breach does not mean data exposure. Tarek El-Gillani, CTO of CloudMask, emphasizes that "the CloudMask solution is ready and is already being used by security-conscious organizations. The world's best cybersecurity organizations have examined and approved CloudMask security."
El-Gillani, further says – "Breaches like the latest one at IRS, prove again that we must change our approach to data security. We must change our approach to start protecting the data itself, not merely where the data is." He continues, "CloudMask has been certified to protect data under total breach. If IRS and OPM were protected by CloudMask technology, their private data would not have been disclosed."
Talking about the value of the Common Criteria, El-Gillani said, "One of the problems today is that many firms tout "Military Grade" and "Bank Grade" security without any end-to-end verification of their claims. At best they can claim that their security is FIPS 140-2 compliant. These marketing terms are essentially meaningless since they do not validate end-to-end security. The difference with Common Criteria is that it goes beyond encryption algorithms to validate that the data is indeed protected against threats from hackers and other malicious actors. Common Criteria Certification is the gold standard of international security certification. None of our competitors has this."
Having secured Common Criteria certification, CloudMask is now well placed to provide security solutions to the world's most demanding government agencies and multinational corporations. CloudMask has been approved for public sector procurement under the Canadian Government's Software Licensing Supply Arrangement (SLSA) and the UK Government Digital Marketplace (G-Cloud).
CloudMask is a 'Software as a Service' (SaaS) security platform. CloudMask's platform provides data protection even under conditions of total infrastructure breach. It enables everyone to create, exchange and consume information on any device, connected to any network, using any application, with full confidence in the privacy of their information. There is no requirement to alter existing applications in any way to make them compatible with CloudMask.
CloudMask technology is certified under the Common Criteria approved by 26 cybersecurity agencies around the world. It is FIPS 140-2 validated and goes well beyond it. Using patented methods, CloudMask, running on user devices, transparently intercepts and analyzes data to identify and encrypt private information. The intercepted data may belong to applications such as Google Apps, SalesForce, Box, and MS Office 365, CloudMask will ensure it is protected.
Share this article: