DigiStor Receives Common Criteria Certification, NIAP Listing

DigiStor, a CRU Data Security Group LLC (CDSG) brand, announced that its FIPS 140-2 L2 certified self-encrypting drives have achieved Common Criteria certification and are the first PCIe/NVMe and SATA storage devices on the National Information Assurance Partnership (NIAP) Product Compliant List (PCL) offered at COTS-level pricing.

For the first time, critical infrastructure organizations, industry, and military and government agencies have affordable access to high data security levels using DigiStor’s drives. The Common Criteria certification and NIAP listing are retroactive so all DigiStor FIPS-certified drives already in use automatically gain the critical Common Criteria validation and NIAP PCL.

“The NIAP listing further validates our customers‘ decisions to use DigiStor FIPS-certified SSDs and assures their solutions meet the most stringent cybersecurity standards,” said Randal Barber, CEO, parent company CDSG. “More importantly, these NIAP-listed SSDs are the basis of our Citadel pre-boot authentication (PBA) solutions, which are instrumental to creating NSA‘s Commercial Solutions for Classified (CSfC) DAR solutions. This gives all private and public organizations access to the most advanced, highly secure SSDs available with the critical international Common Criteria certification, regardless of their budget constraints.“

The DigiStor validation report number is CCEVS-VR-VID11297-2023, with a certificate date of March 14, 2023. The evaluated products include M.2 PCIe Gen 3×4 NVMe, M.2 SATA, and 2.5″ SATA solid state self-encrypting drives that use drive encryption to protect data at rest on a lost or stolen device.

NIAP is responsible for the US implementation of the international Common Criteria set of data security standards. Its commercial cybersecurity product certification is mandated by federal procurement requirements (CNSSP 11) for use in US National Security Systems, as information systems operated by the US Government, contractors for the government, or agents that contain classified information. These systems may involve intelligence activities, cryptographic activities related to national security, command and control of military forces, equipment that is an integral part of a weapon or weapons system or are critical to the direct fulfillment of military or intelligence missions.

By meeting Common Criteria, DigiStor customers can trust that the solutions they develop for securing DAR in laptops, desktops, and other devices, are more readily accepted internationally and meet higher security requirements for sensitive and classified data. The company is working with Lightship Security, Inc., an accredited Common Criteria and FIPS 140 laboratory, through its Austin, TX, office.