Apricorn Achieves Aerospace-Grade Security Certification

- The AS9100 standard is not a cybersecurity certification itself, but a Quality Management System (QMS) standard for the aviation, space, and defense industries. It builds upon the general ISO 9001 standard with approximately 100 additional, more stringent requirements specific to the aerospace industry, focusing on risk management, product traceability, and supply chain integrity. - Achieving this certification is often a prerequisite for suppliers to be considered by major aerospace and defense contractors, and certified companies are listed in the Online Aerospace Supplier Information System (OASIS) database. - For a hardware company, AS9100 validates the rigor of its design, manufacturing, and documentation processes, which is critical when building security products intended to protect sensitive data like telemetry, navigation, and military intelligence. - Prior to this, Apricorn's core security validation came from FIPS 140-2, a U.S. government standard for cryptographic modules. Many of their devices meet Level 3 of this standard, which requires physical tamper-resistant features and identity-based authentication. - Apricorn's products utilize 256-bit AES-XTS hardware-based encryption, meaning the cryptographic keys and all critical security parameters are managed by a dedicated processor on the USB drive itself, not the host computer. - This hardware-centric design is a key defense against common attack vectors; since the PIN is entered on the device's own keypad, it is immune to software-based keyloggers on a potentially compromised host machine. - Security features on many of their drives also include brute-force protection that can crypto-erase the data after a set number of failed PIN attempts and the use of hardened epoxy to protect internal components from physical tampering.