Most security standards, including government standards, require cryptography. We are generally familiar with implementing a cryptographic algorithm that meets these requirements and calling it a day. However, to ensure security, NIST also publishes standards for validating encryption modules to ensure they serve their purpose under federal standards. Here, we’re discussing the Cryptographic Algorithm Validation Program… Read More
IT security in the federal market is layered and multifaceted. Specific requirements exist for different types of data platforms and technologies. At a more granular level, standards have been developed for individual IT products: NIAP Protection Profiles. This article will cover why these profiles are essential for federal security, how to find them, and what… Read More
In the evolving world of international IT infrastructure and security, it’s critical that organizations and regulatory bodies have a standard to assess technology effectively. A key player in the United States that works to uphold these standards is the National Information Assurance Partnership (NIAP). NIAP manages the Common Criteria Evaluation and Validation Scheme (CCEVS) in… Read More