RSS
What is FIPS 140-2?
The FIPS 140-2 standard is an information technology security accreditation program for cryptographic modules produced by private sector vendors who seek to have their products certified for use in U.S. government departments and regulated industries (such as financial and health-care institutions) that collect, store, transfer, share and disseminate sensitive information.
FIPS was first published in 2001 by the U.S. National Institute of Standards and Technology (NIST), a non-regulatory agency of the U.S. Department of Commerce. NIST works to establish various standards that the U.S. military and various government agencies must abide by. Vendors, contractors, and any organization working with government or military must comply with FIPS as well.
What Types of Organizations Require FIPS?
Federal and state government agencies that deal with citizens’ private information are frequently required to abide by FIPS. Also, the military and its vendors must also comply to protect sensitive national-security information. Other examples typically include organizations that require high levels of privacy, including financial institutions, information-processing vendors, healthcare-related vendors, educational institutions, and utilities.
However, the FIPS standard is still relevant to companies that may not be required to comply with government encryption regulations. The FIPS standard is appropriate for just about any organization that wishes to transfer files securely, safeguard business data, and protect its most critical information.
FIPS 140-2 Certificationfor Cerberus FTP Server
Cerberus FTP Server is certified by FIPS 140-2, certificate 918 (under OpenSSL) and meets federal cryptographic requirements with FIPS 140-2 validated cryptography up to 256-bit AES encryption over SSL.
