Corporate

Contact Sales:
sales@comodogroup.com

Telephone:
Tel: + 1.888.266.6361
Tel: + 1.206.203.6361

Hot Company Award CNET selects Comodo as a finalist in the Security Product of 2006 Awards Catagory

Comodo Secure Operations

Comodo provides services which require the highest possible levels of trust and integrity. To meet such requirements Comodo has invested heavily in the providing both physical and logical security for the Certification Authority operations.

Comodo employs policies and practices that have been designed to meet or exceed the requirements of the AICPA/CICA WebTrust Program for Certification Authorities, ANS X9.79:2001 PKI Practices and Policy Framework, and other industry standards related to the operation of CAs. Comodo is currently undergoing WebTrust compliancy testing.

To date, Comodo have issued tens of thousands of validated SSL and secure email digital certificates through our secure Certification Authority operations. The advanced physical and logical security and validation practices and procedures ensure that all Comodo certificates are highly trusted.

Key elements of security and service integrity employed are detailed below. For further information on the Comodo operations are available in our Certification Practice Statement - available at the Comodo repository (www.comodo.com/repository).

Use of Hardware Security Modules for Key Protection and Certificate Generation

Comodo securely generates and protects its own private key(s), using a trustworthy system (IBM 4758 accredited to FIPS PUB 140-1 level 4), and takes necessary physical and logical precautions to prevent the compromise or unauthorised usage of such devices. All digital certificates issued are issued using IBM 4758 hardware security modules.

Comodo Digital Trust Lab

The world renowned Digital Trust Lab Research and Development Center

With its dedicated team of R & D engineers, the Comodo Digital Trust Lab specializes in design and development of next generation Internet security solutions. Comodo collaborates with leading industry participants such as IBM, HP, Microsoft and Intel to implement a vision of security through invention and innovation. Core development areas include Certificate Services, ASIC design house and fabless semiconductor work, software development and design, infrastructural projects including the idAuthority (the world's only real-time identity assurance infrastructure), and cryptographic research and analysis.

Physical CA Operations

Access to the secure part of Comodo facilities is limited through the use of physical access control and is only accessible to appropriately authorised individuals (known as Trusted Personnel). Card access systems are in place to control, monitor and log access to all areas of the facility. Access to the Comodo CA physical machinery within the secure facility is protected with locked cabinets and logical access control.

The secure facilities are protected from fire and smoke damage (fire protection is made in compliance with local fire regulations) and flood and water damage

Comodo secure facilities have a primary and secondary power supply and ensure continuous, uninterrupted access to electric power. Heating / air ventilation systems are used to prevent overheating and to maintain a suitable humidity level.

Comodo employ a redundant CA system to ensure uninterrupted service levels. Comodo also utilise secondary server and operations sites.

If you would like further details on the Comodo secure facilities please contact legal@comodogroup.com.

Latest News

Web Trust Compliant