As we publicly announced on Tuesday, our NIST-certified FIPS 140-2 L2 SSDs are entering the Common Criteria (CC) certification process. “Common Criteria” is shorthand for “Common Criteria for Information Technology Security Evaluation”. CC is a set of internationally agreed upon security standards for SSDs and other storage devices, as well as hundreds of other products included in 14 categories.
31 countries participate in the Common Criteria Recognition Arrangement, 17 of which are authorizing countries able to issue Common Criteria certifications. (The United States is one of those authorizing countries.) The remainder are referred to as “consuming countries”, which means that these countries, in addition to the 17 authorizing countries, recognize issued CC certifications.
To obtain CC validation, the SSDs must undergo evaluation by an independent, licensed testing laboratory. The evaluation ensures that the claims we make about the security features and capabilities in our FIPS SSDs are accurate and implemented properly. We anticipate that this process will be completed in 2022 and at that point, our validated SSDs will be included on the U.S. National Information Assurance Partnership (NIAP) Product Compliant List and the international CCRA Certified Products List. (NIAP oversees evaluations of commercial IT products for use in United States National Security Systems. NIAP is responsible for U.S. implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body.)
By implementing our CC SSDs in computers and other devices in which securing Data at Rest (DAR) is important, our customers can be confident that DIGISTOR FIPS SSDs meet the internationally agreed upon standards of data security.