Blog

Understanding FIPS 140-2 Requirements for Achieving FedRAMP Compliance

ISV’s and SaaS providers looking to obtain FedRAMP accreditation must comply with FIPS 140-2 encryption standards. The National Institute of Standards and Technology (NIST) issued the FIPS 140 Publication Series to coordinate the requirements and standards for cryptography modules that include both hardware and software components. It is critical to protect a cryptographic module within a security system to maintain the confidentiality and integrity of the information. ISV’s and Cloud Service Providers (CSP) looking to sell cloud solutions to the US Government and Department of Defense customers must understand FIPS requirements. Understanding FIPS FIPS (Federal Information Processing Standards) is a set of standards that describe document processing, encryption algorithms, and other information technology processes for use within non-military federal government agencies and by government contractors and vendors who support government agencies. The FIPS 140-2 standard specifies the security requirements that will be satisfied by a cryptographic module. The standard provides four increasing

Read More »