FRANCE: INSIDE Secure announced that its SafeZone encryption toolkit, a key sub-component of the company’s embedded security software products, has received Federal Information Processing Standard (FIPS) 140-2 certification from the US National Institute of Standards and Technology (NIST).
The certification expands the company’s portfolio of FIPS-certified hardware security modules and secure microcontrollers to include software offerings for securing data in transit over SSL/DTLS and IPSEC, as well as data at rest on Android devices.
With these additional FIPS-certified offerings, INSIDE now gives OEMs and application developers even greater ability to secure appliances, applications, mobile devices and servers in accordance with stricter government security requirements.
“Security is now a basic requirement for every device and at every point where data is touched, stored or transmitted. Even beyond government-mandated applications, many industries in the commercial sector are adopting FIPS because it has become a globally recognized standard for security,” said Simon Blake-Wilson, executive VP for embedded security at INSIDE Secure.
“Using software development tools that incorporate this pre-validated module, manufacturers can meet current and future security requirements, avoid the lengthy and expensive FIPS validation process, stay focused on their core competency and get their products to market more quickly.”
According to Simon Blake-Wilson, this enhancement to INSIDE’s lineup of FIPS-certified offerings also illustrates how the recent Embedded Security Systems acquisition is supporting INSIDE’s strategy to provide its customers with the most complete assortment of hardware- and software-based security solutions.
FIPS 140-2 is a globally recognized US government security standard for securing commercial, government and defense applications.
US and Canadian government telecommunications systems already are required to use FIPS 140-2 validated cryptographic modules to secure data. As more industries are categorized as critical infrastructure and become targets of cyberattacks, their applications, devices and communications networks will also be required to meet these stricter government mandates and recognized standards.
Recent directives in the US and Europe seek to expand this requirement to more industries—including finance, manufacturing, healthcare, transportation, communications and other utilities—all of which are considered so vital that their incapacity or destruction would have a debilitating effect on economic security or public health and safety.