Federal Information Processing Standards (FIPS) are essential for federal agencies and contractors to ensure the security of sensitive information, such as classified data, personally identifiable information, and financial data. 

This article will describe some of the most common FIPS security standards, their importance, and how federal agencies and contractors use them. We will also discuss the recent updates to FIPS security standards, such as FIPS 140-3 and FIPS 186-5, and how they impact federal information security.

Read More

One of the foundational pieces of information that a cloud provider needs to know when preparing for their FedRAMP Authorization is the required Impact Level. These levels aren’t generic labels applied by agencies to highlight the importance of their data–they are clearly-defined categories laid out by the National Institute of Standards and Technology (NIST) to structure security requirements.

Read More

In April 2022, NIST stopped accepting applications for validation certificates for the FIPS 140-2 standard of security in lieu of the updated FIPS 140-3. While many companies are still waiting for their FIPS 140-2 certification (if they got their application in before the April deadline), many are now considering adopting the new 140-3 standard. 

But, to understand the new standard, it’s important to understand the old. FIPS 140-2 has been the NIST standard for cryptography for almost two decades, and its impact will still be felt for years to come. 

Read More