Symantec gets FISMA certification for shared service products

As high-profile information leaks and cybercrimes proliferate, government agencies face the responsibility of protecting more and more data from progressively complex threats. One important way governments are doing this is by maintaining rigorous security standards. 

In the  U.S., two Symantec security products — Symantec Shared Service Provider PKI and Symantec Non-Federal Shared Service Provider PKI Service — received a critical certification for use by federal agencies and their contractors.

The products were certified under the Federal Information Security Management Act. FISMA requires federal agencies and those who work with them to adhere to safety guidelines set by the National Institute of Standards and Technology. The standards cover multiple security controls, such as access control management, audits and accountability and configuration management.

“Governments are in a virtual race to protect their information from a diverse set of threats, including hostile cyberattacks, natural disasters, structural failures and human errors,” said Gigi Schumm, vice president and general manager, U.S. Public Sector for Symantec. “They need trustworthy systems that can guard against targeted attacks, and the FISMA certification proves that we have really robust products to address their needs.”

The products that received the FISMA certification are known as PKI, or public key infrastructure, products. This refers to a system of digital certificates and registrations that verify parties involved in an Internet transaction. 

The firm said its PKI Service offers federal agencies several benefits, including cost effectiveness, the ability of agencies to issue PKI credentials within days of signing up for the shared service provider PKI service and reliability. Symantec said the service also provides full-time monitoring, management and archiving for disaster recovery.

VeriSign Non-Federal Shared Service Provider Public Key Infrastructure Service offers the same benefits to non-federal organizations, such as state and local governments, government contractors, universities and health care providers that require an enterprise PKI solution and secure interoperability with the federal government.

About the Author

Susan Miller is executive editor at GCN.

Over a career spent in tech media, Miller has worked in editorial, print production and online, starting on the copy desk at IDG’s ComputerWorld, moving to print production for Federal Computer Week and later helping launch websites and email newsletter delivery for FCW. After a turn at Virginia’s Center for Innovative Technology, where she worked to promote technology-based economic development, she rejoined what was to become 1105 Media in 2004, eventually managing content and production for all the company's government-focused websites. Miller shifted back to editorial in 2012, when she began working with GCN.

Miller has a BA and MA from West Chester University and did Ph.D. work in English at the University of Delaware.

Connect with Susan at [email protected] or @sjaymiller.


  • senior center (vuqarali/

    Bmore Responsive: Home-grown emergency response coordination

    Working with the local Code for America brigade, Baltimore’s Health Department built a new contact management system that saves hundreds of hours when checking in on senior care centers during emergencies.

  • man checking phone in the dark (Maridav/

    AI-based ‘listening’ helps VA monitor vets’ mental health

    To better monitor veterans’ mental health, especially during the pandemic, the Department of Veterans Affairs is relying on data and artificial intelligence-based analytics.

Stay Connected