Originally posted in its entirety at AmericanSecurityToday.com.
It’s 2020, and for folks working in the cryptography niche, that means it is time to address a convergence of complications. I don’t want to say that things were simple for the last few years, but certainly more straight-forward. Our firm SafeLogic, for example, has been planning and revising our strategies for many months in preparation for the variety of hurdles and interdependencies that are currently befuddling vendors in the Public Sector.
With programs like FedRAMP, Common Criteria, and inclusion on the DoD Approved Products List among the biggest requirements for Federal sales and all of them relying on NIST to certify encryption modules, we are working with a very delicate ecosystem predicated on the ability to deliver FIPS 140 validated cryptography. That’s our focus for this piece - the FIPS 140 program and the pitfalls plaguing efforts to meet the standard.