Ondexx became FIPS 140-2 Compliant.
To be FIPS compliant, an organization must adhere to the Federal Information Processing Standards (FIPS) in order to act in accordance with the Federal Information Security Management Act of 2002 (FISMA). In 2014, FISMA was amended with critical updates in cybersecurity that needed regulatory oversight.
The National Institute of Standards and Technology’s (NIST’s) Computer Security Division created FIPS, a set of computer system security standards. FISMA requires United States federal government agencies to reduce information technology risk to an acceptable level at a reasonable cost.
In order to be FIPS 140 compliant, a US government agency or contractor’s computer systems must meet requirements outlined in the FIPS publication #140.
FIPS 140 covers cryptographic module and testing requirements in both hardware and software, and for a technology to be FIPS 140-2 certified or validated, the software (and hardware) must be independently validated and certified by one of 13 NIST specified laboratories.