Introduction

All U.S. government systems require FIPS 140-2 validation since this standard sets a high security benchmark. Since SMART has been cooperating with the U.S. government, organizations and private enterprises that manage sensitive or confidential data, it has developed FIPS inside SED (self-encrypting drive) products that contain cryptographic component(s) that has been validated to NIST FIPS 140-2 Level-2 standard criteria.

What is FIPS 140-2 Level 2?

FIPS refers to the Federal Information Processing Standards. The FIPS 140 series are computer security standards set by the National Institute of Standards and Technology (NIST) for the U.S. government to approve cryptographic modules. The FIPS 140-2 standard is the benchmark for validating the effectiveness of cryptographic hardware.

The FIPS standard defines four levels of security in which Level 2 adds security requirements for physical tamper-evidence on cryptographic modules, role-based authentication, and operating system requirements.

Why FIPS 140-2?

To work with the U.S. government, FIPS 140-2 validation is required. Contractors and third parties working for U.S. federal agencies are also required to use FIPS 140-2. Since FIPS 140-2 sets a high security benchmark, many industries, such as healthcare, finance and enterprise applications, also adopt the standard for securing their sensitive data.