Keep sensitive data secure and meet FIPS cryptography standards
FIPS 140-2 is the current version of the Federal Information Processing Standardization 140 (FIPS 140) publication, which specifies requirements for cryptography modules. The National Institute of Standards and Technology (NIST) issues the FIPS 140 series to define the requirements that United States government systems and IT products should meet. FIPS 140-2 requires all federal government agencies and departments that use cryptographic-based security to meet specific standards related to encryption strength and capabilities.
FIPS 140-2 requirements apply to all government agencies that use encryption to protect sensitive data. In addition, organizations that do business with government agencies or department must also meet FIPS 140-2 security requirements when exchanging sensitive data.
Many other organizations must now meet these same standards, as FIPS 140-2 compliance is becoming an accepted best practice outside of the government sector and outside of the United States.
Meet FIPS 140-2 Requirements with Smartcrypt
Smartcrypt fully addresses the standards outlined in FIPS 140-2 by strongly encrypting sensitive data itself. PKWARE’s own FIPS mode setting ensures only FIPS 140-2 validated cryptography is used and eliminates the need for disruptive operating system FIPS policy settings.
Smartcrypt offers government agencies the ability to use validated cryptographic modules for protecting data when run in FIPS mode. Data remains protected even if placed on removable media that is lost or stolen during transit.
In FIPS mode, encryption and decryption are done using only encryption and hashing algorithms that have been validated for compliance with FIPS 140-2 security requirements for cryptographic modules by the NIST. Administrators can use the Smartcrypt Enterprise Manager to set defaults for all users and enforce the use of FIPS mode wherever necessary.
Smartcrypt is designed for maximum flexibility, allowing organizations to implement solutions that meet their unique data protection requirements.
The Smartcrypt client application is installed on each device that will be used to access or store sensitive information. The application can be used to encrypt files, email messages, structured data, and other forms of data on any enterprise operating system. The web-based Smartcrypt management console lets administrators create and apply encryption policies across the entire organization. In addition, the Smartcrypt software development kit lets organizations build strong encryption into their proprietary applications with only a few new lines of code.
Unlike solutions that increase file sizes after encryption, Smartcrypt uses PKWARE’s industry-best compression technology to reduce data volumes before encryption, resulting in lower costs for data storage and transmission.