Great news! The RSA Archer Platform version 6.1 just received an Evaluation Assurance Level ( EAL) of 2+ from a Common Criteria lab. The RSA Archer platform has carried this designation across many years and many versions, but was just retested and recertified against our latest platform changes and enhancements.
What is an EAL?
It is the designation that an impartial third party assessor has tested the design and functionality of RSA Archer software to prove that the internal security features of the platform work as intended (and as advertised!).
Why should you care?
This gives the end user assurance that a tool with an EAL can be used to safely store and process sensitive data. For example, EAL testing gives the assurance that RSA Archer provides not just rigid access control between authorized and unauthorized users, but also rigid and nuanced access enforcement between different levels of authorized internal users. These CC EAL certifications are important to our public sector buyers. Even if you’re in the private sector, however, you can get a little extra piece of mind knowing that this EAL 2+ has enabled RSA Archer to be implemented in a wide range of federal environments, including in highly sensitive and classified environments.
Our evaluation was performed by Leidos' Common Criteria Testing Laboratory within its Commercial Cybersecurity practice. Leidos is one of the top evaluation and testing laboratories approved by the National Information Assurance Partnership (NIAP).
A full announcement is available here, but I wanted to share the update too. We’re all proud of the progress we are making in moving the platform forward with new features, but maintaining our strict security standards as we go!
Thanks for reading and, as always, email me with questions or comments