Blancco Earns Second Common Criteria Certification for Government Use in Australia and NZ

Australian agencies have additional data protection with a twice-certified solution

Blancco Drive Eraser secured its second Common Criteria (CC) certification through the esteemed Australian Information Security Evaluation Program (AISEP) in June 2023. This milestone underscores the trust and assurance it provides to government data and asset managers across Australia and New Zealand. With Blancco Drive Eraser, they can confidently erase end-of-life data from a diverse range of devices, safeguarding critical information with industry-leading sanitisation software.

The AISEP is administered by the Australian Certification Authority, which resides within the Australian Cyber Security Centre. Its function is to certify products in line with rigorous international recognized security standards called the Common Criteria (also known as ISO/IEC 15408), ensuring that only the most robust and dependable solutions receive certification. This second certification applies to Blancco Drive Eraser 7.3.1, verifying it meets evaluation criteria recognised by all members of the Common Criteria Recognition Arrangement (CCRA), including Australia and New Zealand. This ensures that agencies using this version can adhere to data sanitisation requirements outlined in various regulatory frameworks such as:

  • the Australian Government Information Security Manual (ISM),
  • the New Zealand Information Security Manual (NZISM), and
  • other mandates regarding data erasure, such as the GDPR’s data minimisation and ‘right to be forgotten’ articles.

Why was Blancco Drive Eraser certified twice for Common Criteria in Australia?

Blancco follows an iterative, continuous improvement process. As we are continuously developing our software, we’re also updating its certifications to ensure it continues to meet the rigorous needs of our customers. Blancco Drive Eraser’s first Common Criteria Certification was granted in June 2020 for version 6.9.1. This certification remains valid for that particular version of our product until June 2025, five years from the date the certificate was issued.

Blancco Drive Eraser 7.3.1 represented a major software update that also changed the ‘target of evaluation’, or the specific features being tested in the software. This required that we submit the newest version for recertification to continue providing our customers in Australia with the required assurance of security and reliability. The newest certificate is valid until June 2028.

So, the result of our commitment to continuous improvement is that we now hold two valid certifications for Common Criteria in Australia and New Zealand, as well as for all countries that are part of the Common Criteria Recognition Arrangement (CCRA). As stated on the Common Criteria website, this Arrangement helps create “a situation in which IT products and protection profiles which earn a Common Criteria certificate can be procured or used without the need for further evaluation.”

Our certifications can be found on the Common Criteria Portal’s Certified Products List (CPL), where ACSC CC-certified products are listed and where the government’s use of CPL products is affirmed.

Why is the Common Criteria certification important to Australian government organisations?

Common Criteria is an internationally recognised standard (ISO 15408) for evaluating information and communications technology (ICT) security products. The Common Criteria Recognition Arrangement (CCRA) is an international arrangement that recognises CC-certified products among its 31 member nations after rigorous evaluation by independent, licensed laboratories. These government licensed laboratories adhere to specified criteria and assessment methods to evaluate the security properties of a security product.

Download the Solution Brief.