FacebookTwitterYouTubeLinkedIn

What’s a FIPS anyway?

It’s hard to keep track of all these government certifications, but when it comes to securing data, the FIPS 140 certification seems to be the most widely recognized and demanded cert when it comes to government agencies and industry’s subject to strict security compliance.

Storage companies like Seagate are starting to market FIPS certification on their self-encrypting hard drives.  Seagate’s Momentus FDE even has FIPS called out as an option customers can select on the website.  Also, check out the footnote on the page:

*FIPS 140-2 Level 2 certification in progress.
**Not available in all countries.

So what the heck is FIPS  140-2 and why is it so important?

According to Wikipedia, The 140 series of Federal Information Processing Standards (FIPS) are U.S. government computer security standards that specify requirements for cryptography modules. There are currently 4 levels of FIPS certification, each more stringent and difficult to obtain. FIPS 140-2 Level 2 certification must be a big step if Seagate is saying it’s coming.  Level 2 adds requirements for evidence showing the device has been tampered with.

In any case, FIPS is being talked about in security circles as the de-facto standard, as a feather in the cap of your security offering. Seagate certainly feels its a key value add. We’ll have to keep an eye on when this certification in progress becomes reality.

Related Posts

Do we need an FDIC for data?
The “evil maid” hack can’t touch self-encrypting drives
Seagate Momentus arms Mobile Armor for military-grade data security
Encryption management across Mac and Windows

2010-09-07T09:22:53+00:00

About the Author:

Related Posts

5 Comments

  1. Momentus FDE Drives Achieve FIPS 140-2 Level 2 Certification – The Storage Effect September 14, 2010 at 7:33 am - Reply

    […] week, in What’s a FIPS anyway, I talked about some looming certification for Seagate’s Momentus line of laptop drives. […]

  2. Seagate FIPS 140-2 cheat sheet – The Storage Effect September 22, 2010 at 12:37 pm - Reply

    […] recently announced the Momentus family of self-encrypting drives are now  FIPS-140-2 certified.  So you may ask what drives do I need to look for?  What are the model numbers? […]

  3. Self-encrypting drives both most effective and ineffective – huh? – The Storage Effect September 30, 2010 at 2:54 pm - Reply

    […] a higher positive perception through awareness and knowledge with recent announcements regarding FIPS 140-2 certification on the Momentus laptop drives featuring SED.  I am certain there is more to come on […]

  4. Government Certifies Seagate Self-Encrypting Enterprise Drives – Inside IT Storage October 5, 2010 at 6:52 am - Reply

    […] and de-facto worldwide standard for cryptographic modules. For additional FIPS info, check out this post from Mark Wojtasiak at the Storage […]

  5. Scott S. October 13, 2010 at 2:48 pm - Reply

    FIPS 140-2 certification is for the Momentus FDE is good, but FIPS 140-2 Level 2 would be a major milestone. Even among the software based FDE solutions, there are few products that have attained a level 2 certication. And it appears that Seagate has already attained this for its self encrypting drives:
    http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm

Leave A Comment