SanDisk Cruzer Enterprise FIPS Edition First Secure USB Flash Drive Listed For Common Criteria Certification

Share Article

Independent testing to validate key security requirements for SanDisk's Cruzer Enterprise FIPS Edition secure USB flash drive for enterprises.

SanDisk Secure USB Drive

Common criteria certification will validate the Cruzer Enterprise FIPS edition secure USB flash drives as an important aspect of an organization's overall security strategy, while providing potential customers with assurance that it meets the rigorous security requirements put forth by the international community

SanDisk Corporation (NASDAQ: SNDK) today announced that it has been selected for evaluation of its Cruzer® Enterprise FIPS edition secure USB flash drive for Common Criteria EAL2 certification under the data protection schedule of the Defense Signals Directorate, Australian Government Department of Defense. After the completion of independent testing and evaluation by stratsec, an approved Common Criteria laboratory, SanDisk's Cruzer Enterprise FIPS edition secure USB drive is now believed to be in condition for an award of Common Criteria EAL 2 certification.

The Common Criteria is an internationally recognized ISO standard (ISO/IEC 15408) used by governments and other organizations to assess the security and assurance of technology products. Common Criteria is an important worldwide evaluation standard for security products as its certifications are recognized in 26 countries around the world.

"Common criteria certification will validate the Cruzer Enterprise FIPS edition secure USB flash drives as an important aspect of an organization's overall security strategy, while providing potential customers with assurance that it meets the rigorous security requirements put forth by the international community," said David Matot, product manager, SanDisk Enterprise. "In order to meet the unique needs of government agencies, SanDisk has commenced testing of its secure USB flash drives, to ensure it meets requirements for stringent EAL2 certification."

SanDisk Cruzer Enterprise FIPS edition is designed to meet the security requirements of government agencies and financial institutions, featuring FIPS 140-2 level 2 certification for encryption, a standard set by the National Institute of Standards and Technology (NIST). The encrypted flash drive imposes mandatory access control on all files, which are stored in a secure partition that implements 256-bit hardware-based AES encryption. CMC, the enterprise data management software adds a higher level of control to Cruzer Enterprise FIPS edition by centrally managing the drive's complete lifecycle, from initial user-deployment, through usage audit and reporting, password administration and data backup, to drive termination if lost or stolen.

SanDisk Enterprise is a leader in providing innovative, secure USB flash drives and management solutions for the mobile workforce in enterprises and government agencies. SanDisk's enterprise solutions allow IT managers to extend the enterprise security perimeter to mobile storage and boost employees' productivity.

About Common Criteria

Common Criteria is based upon a framework in which computer system users can specify their security requirements, vendors can then implement and/or make claims about the security attributes of their products, and testing laboratories can evaluate the products to determine if they actually meet the claims. It was designed to resolve the technical and conceptual differences among existing standards for the evaluation of security systems and products. Certification to the Common Criteria requires in-depth analysis of product design and development methodology, backed by extensive testing.

Common Criteria is currently recognized by the following countries: United States, Canada, Australia, New Zealand, Austria, The Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, India, Israel, Italy, Japan, Malaysia, The Netherlands, Norway, Republic of Korea, Singapore, Spain, Sweden, Turkey, Pakistan and the United Kingdom.

The Common Criteria represents the outcome of efforts to develop criteria for evaluation of IT security that are widely accepted within the international community. Further information is available at

About SanDisk

SanDisk Corporation, the inventor and world's largest supplier of flash storage cards, is a global leader in flash memory - from research, manufacturing and product design to consumer branding and retail distribution. SanDisk's product portfolio includes flash memory cards for mobile phones, digital cameras and camcorders; digital audio/video players; USB flash drives for consumers and the enterprise; embedded memory for mobile devices; and solid state drives for computers. SanDisk is a Silicon Valley-based S&P 500 company, with more than half its sales outside the United States.

SanDisk's web site/home page address:
SanDisk's product and executive images can be downloaded from

SanDisk, the SanDisk logo and Cruzer are trademarks of SanDisk Corporation, registered in the U.S. and other countries. Other brand names mentioned herein are for identification purposes only and may be trademarks of their respective holder(s).

This press release contains certain forward-looking statements, including specifications, applications, markets, customer acceptance and customers that are based on our current expectations and involve numerous risks and uncertainties that may cause these forward-looking statements to be inaccurate. Risks that may cause these forward-looking statements to be inaccurate include among others: our products may not perform as expected, no security technology can be guaranteed to be 100% secure, new products may not be released when or in the capacities expected, demand for our products may grow more slowly than our expectations, there may be a slower adoption rate for products in new markets that we are targeting, and the other risks detailed from time-to-time under the caption "Risk Factors" and elsewhere in our Securities and Exchange Commission filings and reports, including, but not limited to, our annual report on Form 10-K and our subsequent quarterly reports on Form 10-Q. We do not intend to update the information contained in this press release.


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Amanda Jones, Connect PR for SanDisk
Visit website