Blog

Biscom Receives FIPS 140-2 Certification

LinkedIn

nistI’m happy to announce that we’ve received our FIPS 140-2 certification! This is an important certification that is required for federal agencies for applications that use encryption to protect sensitive information.

The National Institute of Standards and Technology (NIST) is the body that defines the technology criteria, and has a cryptographic module validation program (CMVP) that provides the certification. Only thirteen laboratories in the world are able to test and verify that a cryptography module will pass the stringent CMVP process, and it can take over a year to achieve. 

Some of the aspects of FIPS 140-2 include:

  • Security policy
  • Finite State Machine
  • Software modules description
  • Source code within the cryptographic boundaries
  • Key management lifecycle
  • Algorithm conformance
It was a long road but well worth the investment in dollars and time. Let us know if you want to learn more about FIPS 140-2 and how it helps ensure your documents and files are protected.