HyTrust Inc. announced that the HyTrust KeyControl Cryptographic Module has entered the validation process for FIPS 140-2 compliance.
By adding FIPS 140-2 validation, HyTrust will continue to strengthen support for critical regulatory mandates such as PCI, HIPAA, and FedRAMP, offering a significant competitive advantage in an environment where data security compliance requirements are being updated and enforced across the board.“The HyTrust engineering team has extensive experience in building FIPS
140-2 compliant encryption systems. We have a deep understanding of the complexities involved in both the security requirements for cryptographic modules and the validation process,“ said Hemma Prafullchandra, CTO and senior vice president of Products atHyTrust. “That’s why we can assure our customers that there will be a seamless upgrade path from current HyTrust DataControl deployments to the FIPS-validated version.”
FIPS 140-2 and the validation process involved represent an established standard from the National Institute of Standards and Technology (NIST). It exists specifically to validate that a cryptographic module creates and handles encryption keys in a secure manner. The validation serves to assure users that the technology has passed rigorous testing by an accredited third-party lab, in accordance with NIST’s Cryptographic Module Validation Program. Since its inception, FIPS 140-2 has been considered the defining benchmark for securely engineered encryption in a range of critical areas, from the defense sector to financial services and other sensitive vertical industries.
HyTrust KeyControl is a hardened software appliance that can be easily deployed on physical or virtual servers. Working in tandem with the HyTrust DataControl encryption engine, KeyControl provides automated and centrally managed control over all encryption and key management policies. The Cryptographic Module is asubset of HyTrust KeyControl, representing the core software elements that generate and manage cryptographic keys. HyTrust KeyControl uses the module to generate and protect keys, enabling the rest of the solution to confidently store and distribute those protected keys.