Does D-Secure meet Common Criteria standards?

D-Secure utilizes compliance-verified algorithms and follows Common Criteria principles to ensure that data wiping is verifiable and meets high-security requirements.

What is an EAL (Evaluation Assurance Level)?

EAL is a numerical grade (1-7) assigned to an IT product following a Common Criteria evaluation, representing the depth and rigor of the security assessment.

Security Certification

Common Criteria Compliance-Verified Data Erasure Software

Why enterprises and service providers rely on independently validated, globally recognized certification for assured data sanitization.

With data protection regulations tightening across regions and industries, organizations increasingly prefer security solutions that have been evaluated by internationally accredited certification bodies. Selecting a data erasure platform that guarantees irreversible removal of information is a responsibility that lies with IT Asset Managers (ITAMs), Information System Security Managers (ISSMs), compliance teams, and CISOs. Such tools must demonstrate not only functional effectiveness but also architectural security validated through formal assessment.

The Common Criteria (CC) framework is one of the most widely accepted international standards for evaluating the security of IT products. Solutions that achieve CC certification are trusted across highly regulated sectors such as government, defense, financial services, critical infrastructure, and healthcare.

Although the market offers numerous data wiping tools, only a small number qualify for Common Criteria certification due to the depth of technical scrutiny and assurance requirements involved. D-Secure Drive Eraser is among the few solutions that have successfully completed this process and has been certified at Evaluation Assurance Level (EAL) 2, confirming its design integrity and data sanitization reliability.

Understanding Common Criteria Certification

A product evaluated under Common Criteria is assessed by an authorized Common Criteria Testing Laboratory (CCTL). These laboratories operate under national certification schemes that are members of the Common Criteria Recognition Arrangement (CCRA), an international agreement that enables mutual acceptance of security evaluations.

The CCRA includes leading economies such as India, Germany, France, the Netherlands, Canada, Australia, Japan, and several others. A certificate issued by any accredited national body within this framework is recognized across all participating countries.

In India, Common Criteria certification is administered by the Indian Common Criteria Certification Scheme (IC3S), operating under the Standardization Testing and Quality Certification (STQC) Directorate of the Ministry of Electronics and Information Technology. In Europe, organizations such as TrustCB B.V. in the Netherlands perform similar roles under their national accreditation systems.

Evaluation of D-Secure Drive Eraser Under Common Criteria

D-Secure Drive Eraser underwent formal evaluation in accordance with Common Criteria Version 3.1, Revision 5. The assessment was carried out by an accredited CCTL and targeted compliance with EAL2 assurance requirements.

Functional and security testing performed by the product developer
Independent validation by the evaluation laboratory
Comprehensive vulnerability analysis and penetration testing

Developer Verification

The evaluation team reviewed the developer’s test plans, coverage reports, and functional specifications, confirming alignment between the implemented erasure algorithms, security architecture, and the defined Security Target (ST).

Independent Laboratory Testing

Evaluators reproduced the functional tests in a controlled environment, verified configuration and operational guidance, and inspected the implementation of sanitization mechanisms to ensure conformity with documented security claims.

Vulnerability & Penetration Assessment

A detailed vulnerability search and penetration exercise confirmed that no exploitable weaknesses existed within the scope of Basic Attack Potential. The product demonstrated resilience against known misuse and attack scenarios.

Certification Outcome

Based on documentation review, functional validation, and security testing, D-Secure Drive Eraser was found to satisfy all assurance and security functional requirements defined in its Security Target for EAL2.

“The evaluation confirms that the Target of Evaluation fulfills all specified security functional and assurance requirements and is therefore recommended for Common Criteria EAL2 certification.”

Why Common Criteria Matters for Enterprises and EAAS Providers

For organizations operating under strict regulatory oversight and for Managed Service Providers delivering Erasure as a Service (EAAS), Common Criteria certification delivers measurable assurance:

Internationally recognized validation of security design
Independent confirmation of resistance to forensic recovery
Eligibility for government and defense procurement programs
Audit-ready support for GDPR, HIPAA, ISO 27001, NIST, CCPA, and similar frameworks
Demonstrated adherence to structured security engineering practices

With EAL2 certification under the Common Criteria framework, D-Secure Drive Eraser stands as a globally trusted, independently verified, and compliance-ready data sanitization platform for enterprises, ITADs, cloud providers, and MSPs seeking provable and irreversible data destruction.

Explore D-Secure Compliance-Verified Erasure Solutions

Frequently Asked Questions

Comments (0)

Your email address will not be published. Providing an email is optional.

No comments yet. Be the first to comment.

Have Questions About This Topic?

Send us an enquiry regarding: Common Criteria Certified Data Erasure Software