NIAP and Protection Profiles

IT security in the federal market is layered and multifaceted. Specific requirements exist for different types of data platforms and technologies. At a more granular level, standards have been developed for individual IT products: NIAP Protection Profiles.

This article will cover why these profiles are essential for federal security, how to find them, and what to do if there isn’t an available profile to follow. 

 

Read More

Common Criteria and the National Information Assurance Partnership 

common criteria featured

In the evolving world of international IT infrastructure and security, it’s critical that organizations and regulatory bodies have a standard to assess technology effectively. A key player in the United States that works to uphold these standards is the National Information Assurance Partnership (NIAP).

NIAP manages the Common Criteria Evaluation and Validation Scheme (CCEVS) in the United States, ensuring commercial IT products meet robust, internationally recognized security standards. 

This article discusses the relationship between the NIAP and the management of Common Criteria standards in the US, including a discussion of some of those standards. 

 

Read More