DIGISTOR FIPS 140-2 L2 certified self-encrypting drives (SEDs) are now available with Common Criteria certification (in process). The need for an additional level of assurance for encrypting and protecting Data at Rest (DAR) has never been higher for those in government and intelligence agencies, branches of the military, and critical infrastructure.
DIGISTOR is responding to customer need for secure data storage that has the legitimacy of both FIPS and CC certification on the same secure storage device. These certifications have the backing of NIST for FIPS 140-2 L2 and the National Information Assurance Partnership (NIAP) for Common Criteria, an international set of standards for data security.
First and Only M.2 NVMe SED with FIPS + CC
All FIPS-certified SEDs from DIGISTOR will be CC validated. In the CC validation process, DIGISTOR has passed the analysis phase, which compares the DIGISTOR FIPS SED against the NIAP Full Drive Encryption – Encryption Engine Common Criteria (CC) collaborative Protection Profile (cPP). The analysis determines DIGISTOR SSD compliance with the cPP security requirements.
To prepare for the analysis, DIGISTOR defined the exact SED firmware build and features, which have been locked down so program managers, solution engineers, and others can begin to develop their secure data storage solutions. By selecting DIGISTOR FIPS 140-2 L2 SEDs today, security solution developers are using storage that automatically becomes CC-validated when the evaluation is completed later this year.
FIPS + CC SEDs: Available Today
For secure DAR solutions that benefit from the dual assurances of FIPS and CC certification, program managers and project engineers should obtain DIGISTOR FIPS-certified SEDs now. This allows them to begin testing and validating security solutions knowing that these same SEDs will be NIAP-listed in the near future. In other words, whatever DIGISTOR FIPS SEDs are used today for testing and validation can be procured in volume in the future—same part numbers, same SED configuration—without needing retesting or revalidation.
CRU SHIPS Removable NVMe Storage—Now with CC, Too
The pending CC certification includes the FIPS versions of the CRU SHIPS NVMe removable SEDs. The SHIPS architecture is a cross-platform removable NVMe solution used for physical data security and data transport. SHIPS solutions are used for a variety of data security applications from adding removability to standard, off-the-shelf PC desktops and workstations as well as custom solutions such as moving surveillance data from the tactical edge to servers for processing and analysis.
C Series SEDs. Yes, Now with CC
We recently announced the availability of DIGISTOR C Series SEDs, powered by Cigent. Because DIGISTOR is entering the validation phase of CC certification, C Series SEDs, which include capabilities such as data invisibility, and tamper-proof credentials, are now available on FIPS- and CC-validated SEDs.
Validation Next Steps
In the coming weeks, DIGISTOR will enter the formal evaluation period with Lightship Security, a testing lab in Austin, Texas, that specializes in accelerating Protection Profile conformance for the NIAP Product Compliant List (PCL).
At the end of the evaluation period, expected to take place later this year, the current firmware build of our FIPS-certified SEDs will be formally CC validated and NIAP-listed. The list of products under evaluation includes a variety of form factors (2.5-in, M.2), interfaces (SATA, NVMe), and security features (role/user-based access, tamper evident, 256-bit AES encryption, additional features added with Cigent®, SED for Citadel).
As always, stay tuned for more information! Or get in touch today.