Feeds

Becrypt disk crypto earns first Brit spook kitemark

Trusted ... up to a point

Securing Web Applications Made Simple and Scalable

A full disk encryption product has become the first bit of kit to be certified by Brit spooks in their new Commercial Product Assurance scheme.

Covent Garden-based Becrypt's DISK Protect demonstrated good commercial security practice, earning it the official stamp of approval to be used by the UK government and public sector bodies in lower threat environments. The foundation-grade certification earned by Becrypt means the DISK Protect is trusted to safeguard data sensitive enough to earn the classification of "restricted". The technology is not approved for guarding more sensitive "confidential" or "secret" material. Nonetheless the seal of approval will make it easier for Becrypt to sell full disk encryption to public sector organisations.

The certificate was handed out by CESG (Communications-Electronics Security Group), which is part of the UK's snooping centre GCHQ. CESG has evaluated and certified security products for years prior to the introduction of the CPA scheme in April 2011. Under the new regime, CESG and independent test labs evaluate commercial security products against published security standards. Products that meet the foundation or tougher augmented grade get the seal of approval for public sector use. Even augmented-grade certification is only good enough for the protection of "restricted and some confidential data", CESG explains.

The CPA scheme is not just for cryptographic products but also covers any security-enforcing gear - such as firewalls and virtualisation technology. The certification scheme does not cover services, which are likely to fall under a separate assurance scheme, currently under development.

A spokesman for CESG said: “We are grateful to Becrypt and our first test labs – Enex and Siventure – for the interest and support they have given us during the pilot phase of CPA." ®

Application security programs and practises

More from The Register

next story
ONE EMAIL costs mining company $300 MEEELION
Environmental activist walks free after hoax sent share price over a cliff
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.