The Wayback Machine - https://web.archive.org/all/20041204114659/http://www.entrust.com:80/corporate/thirdparty.htm
Login | Support | Help | Contact Us

About Entrust
Fact Sheet
History
Executives and Board
Investor Relations
News & Events
Careers
Awards
Third-Party Validation
Common Criteria Certification
FIPS 140-1
CygnaCom Solutions
Contact Us

Third Party Validation


In today's world of Internet time, downloaded software, dot-coms, and hacker notoriety, it has never been more important for users to seek reassurance from independent laboratories that their mission-critical applications (especially security components) are trustworthy.

Entrust is, and has always, been committed to seeking and maintaining independent third-party verification and certification of its products and services to give customers the confidence to acquire, and deploy its solutions with their employees, business partners, and customers.

Entrust leads the security market in third-party validation and certification
  • Entrust was the first vendor to ever receive the FIPS 140-1 validation in 1995, and has continued the tradition with each major product release garnering 7 FIPS certificates to date.
  • Entrust was the first PKI vendor to receive the Common Criteria certification in 1999.
  • Entrust's GetAccess product is the first product of its' kind to undergo rigorous testing and be awarded certification by Spectria.
  • Entrust was the first ever Public Certification Authority to receive the WebTrust Seal for CAs. This gives customers confidence that the CA's policies are adhered to and the privacy of all customer information is maintained.
  • In 2003, Entrust Authority Security Manager was awarded an ISIS-MTT compliance label for the product class "CA Server", confirming the favorable recommendation of Secorvo Security Consulting, an approved independent verification lab based in Germany.
  • CygnaCom Solutions is one of the leading certification labs in the United States and was the first laboratory authorized to perform both FIPS 140-1 and Common Criteria evaluations.

What does third-party validation mean?
Independent testing and certification labs look at products from various perspectives, depending on the nature of the certification. In many cases, they ensure that a product meets a minimum level of security assurance, that algorithms and protocols are implemented as per specification, or that service offerings meet pre-defined minimum policy assurance.

These validations and certifications are not taken lightly by vendors. Each verification process takes time, resources, and commitment to see through to completion. These tests vary in the time to complete - some as little as a few months, while others take the better part of a year (with Common Criteria being a prime example).

How customers benefit from third-party validations
Customers gain assurance that an independent lab has reviewed the product or service to the utmost level of security specification or policy. These third-party certifications give customers confidence that the products and services they invest in are able to meet their needs from a security and trust perspective. In some cases, as with the U.S and Canadian Federal Government, cryptographic products must be certified to the FIPS 140-1 specification.
Site Map | Privacy Statement | Legal

Copyright 2004 Entrust. All rights reserved.