Australasian Agencies Now Have Additional Protection Against Unauthorised Data Access

Government data and asset managers in Australia and New Zealand can now confidently use Blancco Drive Eraser (BDE) to sanitise end-of-life data from loose hard disk drives and solid-state drives, as well as those in PCs, laptops and servers.

In June of 2020, the Australasian Certification Authority (ACA) awarded BDE 6.9.1 Common Criteria (CC) certification via its Australasian Information Security Evaluation Program (AISEP). This assures government users that Blancco Drive Eraser has met evaluation criteria recognised by all members of the Common Criteria Recognition Arrangement (CCRA), including Australia and New Zealand.

This is good news for agencies that adhere to data sanitisation requirements within

• the Australian Government Information Security Manual (ISM),
• the Australian Privacy Principles guidelines (APP) 11.2,
• the New Zealand Information Security Manual (NZISM),
• the New Zealand Privacy Act (1993) and
• other mandates regarding data erasure, such as the GDPR’s data minimisation and “right to be forgotten” articles.

The Common Criteria certificate is valid for five years from the award date unless it is renewed.

Common Criteria Certification and the EPL

In the past, the Australian Cyber Security Centre (ACSC) posted CC-certified products on its Evaluated Products List (EPL). Recently, however, the ACSC decided to list AISEP’s Common Criteria-certified products only on the Common Criteria Portal’s Certified Products List (CPL). This decision provides a ‘single point of truth’ for ACSC CC-certified products and affirms government use of CPL products.