FIPS 199 and FIPS 200 Compliance

Vormetric Data Security Solutions

FIPS 199 and FIPS 200 Compliance Requirements

According to NIST Special Publication 800-53, Revision 4:

FIPS Publication 200, Minimum Security Requirements for Federal Information and Information Systems, is a mandatory federal standard developed by NIST in response to FISMA. To comply with the federal standard, organizations first determine the security category of their information system in accordance with FIPS Pubtion 199, Standards for Security Categorization of Federal Information and Information Systems, derive the information system impact level from the security category in accordance with FIPS 200, and then apply the appropriately tailored set of baseline security controls in NIST Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organizations.

Organizations have flexibility in applying the baseline security controls in accordance with the guidance provided in Special Publication 800-53. This allows organizations to tailor the relevant security control baseline so that it more closely aligns with their mission and business requirements and environments of operation.

FIPS 200 and NIST Special Publication 800-53, in combination, ensure that appropriate security requirements and security controls are applied to all federal information and information systems. An organizational assessment of risk validates the initial security control selection and determines if additional controls are needed to protect organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation. The resulting set of security controls establishes a level of security due diligence for the organization.

See FIPS 199 and FIPS 200 for more detail.

How Vormetric Can Help You Comply with FIPS 199 and FIPS 200.

Core Vormetric capabilities that help meet FIPS 199 and FIPS 200 compliance standards include:

  • Encryption and Key Management: Strong, centrally managed, file, volume and application encryption combined with simple, centralized key management that is transparent to processes, applications and users.
  • Access Policies and Privileged User Controls: Restrict access to encrypted data – permitting data to be decrypted only for authorized users and applications, while allowing privileged users to perform IT operations without the ability to see protected information.
  • Security Intelligence: Logs that capture access attempts to protected data, providing high value security intelligence information that can be used with a Security Information and Event Management (SIEM) solution and for compliance reporting.

In addition to helping you comply with FIPS 199; FIPS 200; FISMA; NIST 800-53, Revision 4; FIPS 140-2; and FedRAMP, Vormetric security solutions are designed to help you comply with:

Other standards that will arise

How Vormetric Solutions Work

Vormetric Data Security Platform

The Vormetric Security Platform

The Vormetric Data Security Platform is the only solution with a single extensible framework for protecting data-at-rest under the diverse requirements of Federal Agencies across the broadest range of OS platforms, databases, cloud environments and big data implementations. The result is low total cost of ownership, as well as simple, efficient deployment and operation.

  • Vormetric Transparent Encryption provides file and volume level data-at-rest encryption, secure key management and access controls required by regulation and compliance regimes.
  • Vormetric Key Management enables centralized management of encryption keys for other environments and devices including KMIP compatible hardware, Oracle and SQL Server TDE master keys and digital certificates.
  • Vormetric Data Security Intelligence provides another level of protection from malicious insiders, privileged users, APTs and other attacks that compromise data by delivering the access pattern information that can identify an incident in progress.
  • Vormetric Application Encryption enables agencies to easily build encryption capabilities into internal applications at the field and column level.
  • Vormetric Tokenization with Dynamic Masking lets administrators establish policies to return an entire field tokenized or dynamically mask parts of a field. With the solution’s format-preserving tokenization capabilities, you can restrict access to sensitive assets, yet at the same time, format the protected data in a way that enables many users to do their jobs.
  • The Vormetric Cloud Encryption Gateway safeguards files in cloud storage environments. It encrypts sensitive data before it is saved to the cloud enabling security teams to establish the visibility and control they need around sensitive assets. Because Vormetric’s Cloud Encryption Gateway relies on the Vormetric Data Security Manager for encryption key and policy management, customers never relinquish control of cryptographic keys to the provider and data never leaves the enterprise premises unencrypted or unaccounted for.

Be Protected in Weeks not Months Whatever Your OS

Vormetric works with Federal Agencies and vendors to install its Data Security solutions in weeks rather than months. The Vormetric solutions work with most major operating systems, including Linux, UNIX and Windows servers in physical, virtual, cloud and big data environments.

Easy to Use and Won’t Hurt System Performance

Vormetric Data Security makes it simple to solve security and compliance concerns by simultaneously defending data in databases, files and Big Data nodes across public, private, hybrid clouds and traditional infrastructures. Central management of the entire data security platform makes it easy to extend data security protection and satisfy compliance requirements across the entire Agency, growing as required, without adding new hardware or increasing operational burdens.

Customers typically report no perceptible impact to end-user experience when using Vormetric solutions. Vormetric performs encryption and decryption operations at the optimal location of the files system or volume manager taking advantage of hardware cryptographic acceleration, such as Intel® Advanced Encryption Standard-New Instructions (Intel® AES-NI) and SPARC Niagara Crypto, to speed the encryption and decryption of data.

Collectively, this leads to the most cost-effective solution on the market. For more information, contact us.

ANALYST REPORT

Encryption as an Enterprise Strategy

Vormetric Data Security Platform

Offers survey results and analysis on creating an enterprise-wide encryption strategy.  

Download >>

WHITE PAPERS

Cracking the Confusion: Encryption and Tokenization for Data Centers, Servers, and Applications

This paper cuts through the confusion to help you pick the best encryption and tokenization options for your projects.

Download >>

Customer and Partner Success

  • Rackspace Cloud Partners
  • McKesson
  • AWS
  • Google Compute Engine
  • Microsoft
  • IBM
  • CenturyLink
  • QTS
  • Teleperformance Secures
  • Delta Dental