Home News Enhanced FIPS-certified embedded security announced

Enhanced FIPS-certified embedded security announced

by Brian Sims

Inside Secure has announced that its SafeZone encryption toolkit has received Federal Information Processing Standard (FIPS) 140-2 certification from the US National Institute of Standards and Technology (NIST). The certification expands the company’s portfolio of FIPS-certified hardware security modules and secure microcontrollers to include software offerings for securing data in transit over SSL/DTLS and IPSEC, as well as data at rest on Android devices. With these additional FIPS-certified offerings, it delivers OEMs and application developers even greater ability to secure appliances, applications, mobile devices and servers in accordance with stricter government security requirements. ‘Security is now a basic requirement for every device and at every point where data is touched, stored or transmitted. Even beyond government-mandated applications, many industries in the commercial sector are adopting FIPS because it has become a globally recognised standard for security,’ stated Simon Blake-Wilson, executive vice president for embedded security solutions at Inside Secure. ‘Using software development tools that incorporate this pre-validated module, manufacturers can meet current and future security requirements, avoid the lengthy and expensive FIPS validation process, stay focused on their core competency and get their products to market more quickly.’ The enhancements are claimed to illustrate how the recent Embedded Security Systems acquisition is supporting the company’s strategy to provide customers with an assortment of hardware- and software-based security solutions. FIPS 140-2 is a globally recognised US government security standard for securing commercial, government and defence applications. US and Canadian government telecommunications systems already are required to use FIPS 140-2 validated cryptographic modules to secure data. As more industries are categorised as critical infrastructure and become targets of cyber-attacks, their applications, devices and communications networks will also be required to meet these stricter government mandates and recognised standards. Recent directives in the US and Europe seek to expand this requirement to more industries including finance, manufacturing, healthcare, transportation, communications and other utilities.

You may also like