We are thrilled to announce that our enterprise mobile email client, VMware Workspace ONE Boxer has been recertified for the Common Criteria certification from the National Information Assurance Partnership (NIAP), a U.S. government initiative that oversees evaluations of commercial IT products for use in National Security Systems. Common Criteria certification is renewed every two years and we’re incredibly proud Workspace ONE Boxer achieved this milestone as the only enterprise email app that provides the highest security support to the most highly regulated, security-conscious organizations in the world.
To achieve certification and be included in the NIAP’s Product Compliant List, the evaluation of VMware Workspace ONE Boxer was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures in order to demonstrate how it meets high and strict security and compliance standards. Testing and validation for VMware Workspace ONE Boxer performed by the Booz Allen Hamilton Inc. Common Criteria Testing Laboratory (CCTL) in Laurel, Maryland, United States of America.
One of the security targets of evaluation is validation that Workspace ONE Boxer provides S/MIME email services and containerizes enterprise data from personal data that resides on the user’s mobile device. The evaluation showed that Workspace ONE Boxer satisfied all the functional and assurance requirements which includes:
- Cryptographic support and functionality
- User Data Protection
- Identification and Authentication
- Security Management
- Protection of the TSF (Target of Evaluation Security Function)
- Trusted Paths/Channels
Watch this VMware Workspace ONE Boxer top security features video demonstrating our commitment to high and strict compliance standards and the employee mobile experience:
Common Criteria (ISO 15408) is an international security standard containing a common set of requirements for the security functions of IT products and systems and assurance measures applied to them. The Common Criteria is a framework that provides assurance that the process of specification, implementation and evaluation of a computer security solution has been conducted in a rigorous, standard, achievable, repeatable and testable manner at a level that is commensurate with the target environment for use.
The Common Criteria is recognized by 31 member nations in the Common Criteria Recognition Arrangement (CCRA). The purpose of this Arrangement is to ensure IT products evaluated according to the terms of the CCRA are mutually recognized by all member nations, allowing industry to evaluate products once and sell to many nations. Some members of the CCRA include and not limited to Australia, Canada, France, Germany, Italy, Japan, Spain and the United States.