According to FIPS Publication 140-2:
[It] provides a standard that will be used by Federal organizations when these organizations specify that cryptographic-based security systems are to be used to provide protection for sensitive or valuable data. Protection of a cryptographic module within a security system is necessary to maintain the confidentiality and integrity of the information protected by the module. This standard specifies the security requirements that will be satisfied by a cryptographic module.
The standard provides four increasing qualitative levels of security intended to cover a wide range of potential applications and environments. The security requirements cover areas related to the secure design and implementation of a cryptographic module. These areas include cryptographic module specification; cryptographic module ports and interfaces; roles, services, and authentication; finite state model; physical security; operational environment; cryptographic key management; electromagnetic interference/electromagnetic compatibility (EMI/EMC); self-tests; design assurance; and mitigation of other attacks.
Vormetric’s Data Security Management is available as a FIPS 140-2 Level 2 or Level 3 validated appliance.
Other standards that will arise
Core Vormetric capabilities that help meet all these compliance standards include:
The Vormetric Security Platform
The Vormetric Data Security Platform is the only solution with a single extensible framework for protecting data-at-rest under the diverse requirements of Federal Agencies across the broadest range of OS platforms, databases, cloud environments and big data implementations. The result is low total cost of ownership, as well as simple, efficient deployment and operation.
Vormetric works with Federal Agencies and vendors to install its Data Security solutions in weeks rather than months. The Vormetric solutions work with most major operating systems, including Linux, UNIX and Windows servers in physical, virtual, cloud and big data environments.
Vormetric Data Security makes it simple to solve security and compliance concerns by simultaneously defending data in databases, files and Big Data nodes across public, private, hybrid clouds and traditional infrastructures. Central management of the entire data security platform makes it easy to extend data security protection and satisfy compliance requirements across the entire Agency, growing as required, without adding new hardware or increasing operational burdens.
Customers typically report no perceptible impact to end-user experience when using Vormetric solutions. Vormetric performs encryption and decryption operations at the optimal location of the files system or volume manager taking advantage of hardware cryptographic acceleration, such as Intel® Advanced Encryption Standard-New Instructions (Intel® AES-NI) and SPARC Niagara Crypto, to speed the encryption and decryption of data.
Collectively, this leads to the most cost-effective solution on the market. For more information, contact us.
This paper cuts through the confusion to help you pick the best encryption and tokenization options for your projects.