Filter by Category

Do Business with the Government with FIPS 140-2

FIPS 140-2 is a standard with which cryptographic-based (encryption) security systems must comply when protecting sensitive data in U.S. government agencies and departments.  This FIPS 140-2 standard also extends to other entities that may exchange sensitive data with the federal government, including defense contractors, state agencies, county and city government.

Brief history of FIPS 140-2

The National Institute of Standards and Technology (NIST) is an agency of the U.S. Department of Commerce which establishes the standards for cryptographic modules used to protect and secure sensitive information.  NIST issued FIPS 140-1, the first set of standards developed in conjunction with cryptographic industry vendors and users on January 11, 1994. This group specified four security levels and eleven requirement areas of meeting a cryptographic standard.

On May 25, 2001, NIST issued FIPS 140-2, updating its specifications to address the technology changes since 1994 and is currently working on the draft version of FIPS 140-3 issued in Sept. 2009.

Why FIPS 140-2

FIPS 140-2 data securityThe purpose of the FIPS 140-2 standard is to coordinate the standards to be used by U.S. government and other regulated industries in gathering, storing, transferring, sharing, and disseminating sensitive information.  It also provides an FIPS 140-2 accreditation program for private sector vendors that develop cryptographic modules that can be used in other products.  For instance, our GoAnywhere solution uses an encryption module from RSA® which is FIPS 140-2 certified by an independent lab.

Traditional methods of sending files such as email or FTP do not meet the FIPS 140-2 standards. If you intend to exchange files with the federal government, it is critical that your file transmission is encrypted with a FIPS 140-2 compliant encryption module.

When researching managed file transfer (MFT) solutions, it is important to determine if they have a FIPS 140-2 compliant module available, especially if you are exchanging sensitive data with the federal government. Read more about GoAnywhere's FIPS 140-2 support.

By utilizing an automated and secure file transfer solution like GoAnywhere along with FIPS 140-2 compliant encryption, doing business with the federal government and other such regulated industries becomes much easier.  

 

Add a Comment

Allowed tags: <b><i><br>

Latest Posts


10 Ways to Achieve File Transfer Automation with GoAnywhere MFT

January 14, 2019

Here’s a fun fact: When it comes to streamlining file transfer processes, automation is the supporting sidekick to any IT or cybersecurity professional. Like Robin supports Batman…


Which is Better: Dropbox vs. MFT?

January 9, 2019

So you’re looking for a way to securely share files with your team. Great! There are plenty of tools you can use today to collaborate and share documents as projects arise. Some are on-premises…


Data Breach and Incident Response Plans | 2019 Templates & Best Practices

December 27, 2018

Every year, organizations hope that statistics for data breaches will improve, that things will be better than the year before. And every year, they are dismayed to discover that even though…


How One Global Health IT Company Achieves PCI-Compliant File Transfers with an MFT Solution

December 21, 2018

Compliance audits can be stressful, especially when they come on the heels of data security standard updates and deadlines. For one global health technology company, a looming PCI DSS audit not only…


What is FTPS?

December 4, 2018

Whether you’re looking to upgrade from your current FTP file transfers or have new requirements from a trading partner or customer, you might be wondering what FTPS is. How does it work, you…