Compliance: ISO 15408
The ISO 15408 standard defines common criteria for information technology security evaluation.
These common criteria allow evaluation of security functionality using eleven different functional and guarantee constraint classes:
- Audit
- Communication
- Cryptographic support
- User data protection
- Identification and authentication
- Security management
- Privacy
- Security functions protection
- Resource utilization
- Access
- Trusted path/channels
IS Decisions provides a range of software solutions that support the evaluations required by the ISO 15408 standard:
| Functional class | IS Decisions Aptitude | IS Decisions Solution | IS Decisions solution's features |
|---|---|---|---|
| Audit | Know | WinReporter | Comprehensive hardware, software and system audit for Windows resources |
| Search, report and archive configuration settings | |||
| User data protection | Know | WinReporter | Report permissions applied to files, folders and shares |
| Control | FileAudit | Identification of accesses to a file or folder | |
| Search, report and archive file and folder accesses | |||
| Act | RemoteExec | Remote file or folder protection | |
| Identification and authentication | Control | UserLock | Identification of users connected to the environment |
| Session duration per user | |||
| Search, report and archive user connectivity | |||
| Resource utilization | Know | WinReporter | Search, report and archive environment changes |
| Report hardware, software and system settings for a resource | |||
| Control | FileAudit | Identification of accesses to a file or folder | |
| Search, report and archive file and folder accesses | |||
| Access | Control | UserLock | Identification of users connected to the environment |
| Search, report and archive user connectivity |