10 Check Boxes for Network Security and Cryptography Certification | eWeek

How to Ensure Your Organization’s Network Is Safe From Intrusion

Data security safe
Sep 20, 2017
3 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More


How to Ensure Your Organization’s Network Is Safe From Intrusion

1 - How to Ensure Your Organization's Network Is Safe From Intrusion

Establishing trust between the enterprise and its IT infrastructure is an essential part of security. Organizations must be confident that valuable data transmitted across a network is safe from theft and intrusion. This notion of trust implies the need for independent bodies to define what constitutes a secure solution. The National Institute of Standards and Technology (NIST), Common Criteria and ANSSI have established guidelines for all aspects of secure IT solutions, including hardware and software design, supply chain and process control. For the enterprise, trust is established through solutions that are evaluated by independent laboratories for compliance with these standards. In this eWEEK slide show, using industry information from Nokia security expert Chris Janson, we examine some of those criteria.


Security Is Trust

2 - Security Is Trust

A house is thought secure when its doors and windows are locked, protecting against intruders. The comfort of security comes through trust in the locks and integrity of the doors and windows. Security is based on the trust we place in mechanisms that protect something of value.


Encryption Is but One Segment of Data Security

3 - Encryption Is but One Segment of Data Security

Encryption is the most commonly used data protection mechanism in networks. But encryption alone is not enough: Strong keys, intrusion protection, standards-compliant trusted platforms and other elements are also essential.


AES-256: The Gold Standard of Encryption

4 - AES-256: The Gold Standard of Encryption

AES-256 is what you need to encrypt data in-flight. Developed in 1997, it has yet to be cracked and will provide excellent protection for years to come.


Advertisement

Key Strength and Quality Are Essential

5 - Key Strength and Quality Are Essential

Security is only as strong as its weakest link. High-quality and high-strength keys must be used to ensure maximum encryption strength and minimize danger of compromise as quantum computers become a viable threat.


Supply Chain Must Be Trustworthy

6 - Supply Chain Must Be Trustworthy

Hardware and software systems must come from trusted, reliable sources where controls are in place to avoid malware and malicious bugs. Beginning in the design phase and continuing through manufacture, delivery and operation, a trusted supply chain ensures process integrity.


What Are Crypto Certifications?

7 - What Are Crypto Certifications?

Building trust requires independent standards and testing for compliance to those standards. Several bodies have defined what is required of cryptographic modules, with specific needs varying by region.


FIPS 140-2

8 - FIPS 140-2

In the United States, NIST defines cryptographic requirements in its Federal Information Processing Standard 140-2 document. Four levels are defined, ranging from basic cipher algorithms to tamper-evident physical enclosures and automated response to unauthorized access.


CC EAL

9 - CC EAL

Common Criteria (CC) Evaluation Acceptance Level (EAL) is an international framework for IT security, developed cooperatively among several nations. CC EAL levels provide confidence grades that the system’s security features are reliably implemented.


ANSSI

10 - ANSSI

ANSSI is a French government agency that defines security standards to ensure integrity of data essential to national security. ANSSI is recognized as a leader in cyber-security standards within and beyond the European Union.


Advertisement

Trust but Verify Through Independent Certifications

11 - Trust but Verify Through Independent Certifications

Security solutions must be built upon trust with the vendors supplying them. Security features and compliance with independent standards should be verified through independent laboratory evaluation.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.