Thales (News - Alert) e-Security, a supplier of data protection and cyber security solutions to the financial services, government and technology sectors, confirmed that its keyAuthority solution, has successfully passed FIPS 140-2 Level 3 security test program.
keyAuthority is a key management solution that consolidates and automates the management of encryption keys across multiple classes of encryption devices. It is a solution with a tamper resistant and tamper evident chassis, which provide protection and policy based automation for the entire key management lifecycle ranging from key generation, key distribution, key archival and ultimately key destruction.
Validation to FIPS 140-2 is a mandated requirement in many industry and government sectors and is a frequently stated the best practice for any organization seeking to protect sensitive data.
“Key management systems protect the keys to the kingdom and therefore become one of the most attractive targets for attackers inside and outside the organization. Our customers recognize the need to deploy systems with enhanced levels of security but quantifying that requirement is notoriously difficult, FIPS 140-2 Level 3 provides a convenient and yet meaningful benchmark,” Richard Moulds, Vice President of Strategy at Thales e-Security, said in a statement.
The Federal Information Processing Standards (FIPS) 140-2 validation scheme for cryptographic modules is jointly administered by the US National Institute of Standards and Technology (NIST) and the Canadian Communications Security Establishment (CSE).Testing is performed by certified independent laboratories, with validation ultimately being approved by NIST.
FIPS 140-2 is the most widely recognized security benchmark for cryptographic devices around the world. It applies to a range of cryptographic devices, including key managers and hardware security modules, and supports multiple levels of validation that range from purely software based systems, to fully hardened tamper resistant and tamper responsive systems that deliver significantly higher levels of assurance.
Key Authority can support up to 25 million keys used by thousands of cryptographic devices. It includes support for legacy key management protocols and is claimed to be the only security hardened solution that supports IBM (News - Alert) tape and disk encryption via its native Tivoli Key Lifecycle Manager capability. Brocade encryption-enabled SAN switches are also supported.
Back in December 2011, Thales e-Security announced keyAuthority 3.0 version.