technology
clouds

Assurance

Information Assurance and Certifications

Envault encryption technology and products are developed according to the highest standards and meet the requirements of the most critical organizations. At the same time, they are extremely simple to use, making them accessible for non-specialist users.

Official approvals / certifications:

  • FIPS 140-2 Inside (US, Federal Information Processing Standards)

    • Envault’s Removable Media Protection and Internal Disk Protection products utilize a FIPS 140-2 certified encryption module.  AES-256 (FIPS 197) is used for encryption and diffusion. AES has been approved by NSA for up to TOP SECRET information in federal use when used with a 256-bit secret key.

  • EU Classified Information

    • The European Council and the European Commission approves a crypto product for the protection of EU classified data if and only if it is:
    1) Nationally approved by a member state, and
    2) Second-party evaluated by an appropriately qualified authority (AQUA).

    Envault’s encryption products are currently pending national evaluation by NCSA-FI, and being used by the Finnish Defence Forces.
    Note: All nationally approved crypto products are also approved for RESTREINT UE / EU RESTRICTED in Finnish systems.

Compliance information:

Envault helps you to fulfill the strictest compliance requirements by providing the strong protections for the confidentiality, integrity and availability of information as well as integrated mechanisms for access control, logging and auditing.

  • PCI

    • PCI rules set requirements for confidentiality of credit card information stored and used by merchants. Envault encryption and auditing fulfills all relevant security requirements set in the Payment Card Industry Data Security Standard (PCI DSS).

  • SOX

    • Sarbanes-Oxley act sets requirements for privacy, integrity and availability of financial data in publicly traded corporations. Envault helps you organization to fulfill the SOX requirements where applicable.

  • HIPAA

    • Federal HIPAA Privacy Rule protects personal health information held by covered entities. Envault allows your organization to fulfill the HIPAA safeguards so that individually identifiable health information can be protected and you can ensure its confidentiality, integrity, and availability and to prevent unauthorized or inappropriate access, use, or disclosure, where applicable.

  • GLBA

    • Confidentiality and integrity of personal financial information stored by financial institutions. Envault enables your organization to fulfill GLBA requirements where applicable.

  • SB 1386

    • Confidentiality of customers’ personal information stored by any organization that does business in the state of California. Envault enables your organization to fulfill SB 1386 requirements where applicable.

  • BASEL II

    • BASEL II rules define requirements for confidentiality and integrity of personal financial information stored by financial institutions. Envault enables your organization to fulfill BASEL II requirements where applicable.

  • ISO27001

    • Envault helps your organization to fulfill the data protection related controls set in ISO27001 Annex A, where applicable.