Keeper Security has announced its achievement of FIPS 140-3 validation of its cryptographic module.

This milestone advances Keeper’s mission to not only meet, but exceed the latest federal security standards for securing sensitive government data.

FIPS 140-3 builds upon its predecessor, FIPS 140-2, with several key improvements, including:

• Stronger Security Requirements: Stronger protections against side-channel attacks, improved entropy requirements for random number generation and stricter module authentication.
• More Rigorous Testing and Certification: A more structured evaluation process to ensure cryptographic modules meet higher security assurance levels.
• Closer Alignment With International Standards: Harmonisation with ISO/IEC 19790:2012 to improve global compatibility and recognition.
• Software Security Enhancements: Stricter requirements for software cryptographic modules, including runtime integrity checks and memory protection.

These enhancements bolster defences against sophisticated cyber threats, providing critical assurance for federal agencies and enterprises dedicated to protecting their most valuable information.

Keeper Security is also a Federal Risk and Authorization Management Program (FedRAMP) Authorized provider, meeting the Revision 5 security controls baseline.

To receive FedRAMP Rev 5 Authorization, organisations must implement controls from 18 different control families that originate from the National Institute of Standards and Technology Special Publication 800-53.

This accomplishment builds on Keeper’s announcement that it achieved FedRAMP Authorization at the Moderate Impact Level in August 2022, as well as StateRAMP Authorization in December 2022, continuously meeting and maintaining the strict requirements ever since.

Additionally, Keeper holds a range of other cybersecurity certifications and compliance attestations including SOC 2 Type II and ISO 27001, 27017 and 27018.

“Achieving FIPS 140-3 validation reinforces Keeper’s unwavering commitment to delivering the highest levels of security and compliance for our customers,” said Patrick Tiquet, VP of Security and Compliance at Keeper Security. “This milestone demonstrates that our cryptographic module meets the most rigorous federal standards, ensuring that government agencies, enterprises and other security-conscious organisations can trust Keeper to protect their most sensitive data.”

“Achieving FIPS 140-3 validation demonstrates Keeper’s unwavering commitment to providing secure and compliant solutions for federal agencies and enterprises,” added Darren Guccione, CEO and Co-founder of Keeper Security. “As organisations face increasingly sophisticated cyber threats, our validated solutions empower them to effectively protect critical data while ensuring compliance with federal mandates.”

To read more Eskenzi news, click here.