Isolate and Protect Sensitive Data with NIAP-Certified Secure KVM Switches

July 23, 2019 Tripp Lite

As stories about highly sensitive data security breaches within the U.S. government and U.S. military make headlines, government agencies are demanding a higher level of security from their IT vendors.

Secure KVM Switches

Internal Threats

While we may still envision the remote “hacker” trying to break through a firewall when we think of IT security threats, networks are in fact most vulnerable to data breaches from internal desktop computers and other peripheral devices.

The NIAP (National Information Assurance Partnership), which agencies rely on to test and certify the security capabilities of IT products, emphasizes the ability to combat these internal threats. They have rigorous requirements for products, such as KVM switches, that connect with and manage users’ peripheral devices.

A KVM switch that is not secure provides an open door for in-house users to:

  • Access/remove restricted internal information
  • Introduce malware network-wide
  • Physically breach the device hardware

More Secure KVM Switch Technology

Select IT product manufacturers are enhancing the security capabilities of their KVM switches to address these challenges. Some specific features include:

  • Isolated Channels. Physically separated circuits for each data path on a KVM switch prevent data transfer when switching between authorized and unauthorized channels.
  • One-Way Communication. Prevents users from transferring data back out (to an external device) through the KVM switch. This is essential as handheld drives with terabyte-sized data stores have become available.
  • Secure Emulation. Keyboard and mouse emulation is secured to restrict discovery of connected devices during switching, as is transmittal of EDID data from connected monitors.
  • Flash Drive Restriction. External storage devices are blocked to prevent exposure to malware.
  • Memory Clearing. Secure KVM switches will continuously clear their internal memory after every data transmission to protect against memory mining.
  • Tampering Protection. Device firmware cannot be reprogrammed. Tamper-evident seals indicate if physical intrusion has been attempted; if the physical casing is opened, the KVM switch renders itself inoperable.
  • Push-Button Control. Requires physical access to the KVM switch when switching between connected computers.

Tripp Lite Secure KVM Switches

Tripp Lite’s new B002 Secure KVM Switch series has earned NIAP certification for the latest Common Criteria Protection Profile for Peripheral Sharing Switches Version 3.0 (PP3.0). This line of 11 new models includes all of the enhanced security features listed above and some models with additional features like:

  • CAC (Common Access Card) ports supporting smart card readers
  • Support for DisplayPort 4K x 2K UHD video (optimal for satellite imaging)
  • TAA compliance for GSA Schedule purchases

While it was designed to meet the strict security requirements of government agencies, NIAP certification does not prevent a product from being used in non-government applications. Healthcare providers, private corporations and any other organizations seeking to protect sensitive data from internal threats can take advantage of the same level of protection this class of products provides.

Contact Tripp Lite for more information about new NIAP PP3.0 secure KVM switches.


    From desktop to critical infrastructure, Tripp Lite products and solutions power and connect the computers, networking equipment and electronic devices that form the foundation of our digital world. Headquartered in Chicago since 1922, Tripp Lite has offices and partners worldwide.

    Subscribe to This Blog

    Recent Posts

    Have a Question?