Press Release

EMC Products Awarded Common Criteria Security Certification

Conformance with International Standard Highlights Information-Centric Security Capabilities of EMC Product Portfolio

HOPKINTON, Mass., April 21, 2008 - 

EMC Corporation (NYSE:EMC), the world leader in information infrastructure solutions, today announced that a broad portfolio of EMC® products have been awarded Common Criteria certification for meeting the security requirements defined by the Common Criteria for Information Technology Security Evaluation.

The Common Criteria is an internationally recognized ISO standard (ISO/IEC15408) used by governments and other organizations to assess the security and assurance of technology products. Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard manner. In the United States, federal agencies mandate that all IT products purchased by the U.S. Government for national security systems, which handle classified and some non-classified information, are required to be Common Criteria certified. Security-conscious customers such as government agencies utilize Common Criteria certification as a determining factor when making purchasing decisions.

The following products from EMC and RSA, the Security Division of EMC, have received Common Criteria certification:

  • EMC SMARTS® Service Assurance Management Suite, IP Management Suite, and Storage Insight for Availability
  • EMC CLARiiON® FLARE® with Navisphere® running on CX3 series storage systems
  • EMC Celerra® Network Server
  • EMC ControlCenter®
  • EMC Symmetrix® Access Controls, Enginuity® with EMC Solutions Enabler
  • EMC Disk Library
  • EMC Documentum® platform
  • RSA® Certificate Manager

For more information regarding the EMC products certified for conformance with Common Criteria specifications, please visit

To gain compliance, a product’s security features are evaluated by an accredited commercial testing lab using Common Evaluation methodology. This is followed by an independent validation of evaluation results via Common Criteria authorized schemes, assessing the results of security evaluations conducted by licensed, independent labs. The resulting certification and validation report demonstrates conformance to Common Criteria.

EMC’s information-centric security strategy ensures that customers are equipped with built-in, best of breed security capabilities to secure their information infrastructures. EMC’s Common Criteria-certified products span key applications, secure infrastructure management solutions, and storage systems, providing the industry’s leading information capture, management and storage solutions for IT procurement managers in the Federal and commercial sectors requiring conformance to a common ISO-based standard for assessing product security.

"EMC's contribution to IT security is its information-centric approach that allows customers to preserve the confidentiality, integrity and availability of their information throughout its lifecycle,” said Charles Kolodgy, research director at IDC.  "By having multiple products Common Criteria certified, EMC is providing a strong foundation to help customers meet their evolving data protection and compliance imperatives."

"Information Assurance and Common Criteria-certified products are a major requirement for our programs and customers," said Thomas Plummer, manager of platform security for Lockheed Martin's Maritime Systems & Sensors business. "Our programs that implement these certified solutions do so with the confidence that they are adhering to stringent security standards."

"EMC continues to devote significant engineering and development resources to ensure that our portfolio of products and solutions are inherently secure and deliver advanced, third-party-validated capabilities to our customers,” said Eric Baize, Senior Director, Product Security Office, EMC Corporation. “Information security is a key priority for our customers, many of whom look to certifications like these as product differentiators when making purchasing decisions. Common Criteria validation is an important milestone in our continued effort to provide the industry’s most secure information infrastructure solutions."

About EMC

EMC Corporation (NYSE: EMC) is the world’s leading developer and provider of information infrastructure technology and solutions that enable organizations of all sizes to transform the way they compete and create value from their information. Information about EMC’s products and services can be found at

Press Contacts

Colin Boroski

EMC, Documentum, Symmetrix, CLARiiON, Celerra, Smarts, ControlCenter, Enginuity, FLARE and Navisphere are registered trademarks of EMC Corporation. RSA is a registered trademark or trademark of RSA Security, Inc. in the U.S. and/or other countries. All other trademarks are the property of their respective owners.