Data security in Australia has just received a boost with Cocoon Data achieving the ‘holy grail’ of being granted Common Criteria certification to EAL 4+ by Defence Signal Directorate (DSD).
Cocoon Data is the first Australian company to achieve this feat in data protection, and the only data protection software of its type in the world with this high level certification.
Common Criteria is the accepted security standard in 26 countries and provides assurances for government bodies to use the software to handle and transmit information – including Highly Protected information.
Cocoon Data CEO, Trent Telford, said its certification was an important milestone for the Australian data security industry.
“Now that Cocoon Data has achieved certification to EAL 4+ it means that all Australian government and international agencies that accept this certification can utilise our software with confidence,"Telford said. "The information security manual [ISM] for Australian government and defence specifies Common Criteria as the preferred standard under procurement and selection guidelines where a relevant product is certified.
“The online world we know is notoriously insecure. We only have to look at the whole WikiLeaks phenomenon. What the patented technology developed by Cocoon Data is able to achieve is dramatically reduce the risk of data breach and leakage,’’ he said.
The Cocoon Data system is an encryption and rights based system that controls and monitors the exchange of digital files based on recipient identity through authentication and protecting against deliberate or unintended release of sensitive user data.
Telford said apart from Australian government departments and agencies, Cocoon Data’s technology was now beings ought by the US, UK and Europe.
“The amazing thing about our technology is that the creator of a file has the ability to dynamically control which recipients may open an envelope and access objects or data files and know exactly who has even attempted to open them,’’ he said.
The technology is being increasingly used in the enterprise sector where data security is critically important, particularly in financial services and electronic health records.