Encryption screen

Proofpoint Completes FIPS 140-2 Validation Process for Encryption

February 25, 2019
Jennifer Cheng

The growing emphasis on encryption in the U.S. federal government and other regulated industries led Proofpoint to partner with SafeLogic to pursue FIPS 140-2 validation for cryptographic modules.

After proving conformance with the FIPS 140-2 standard through a series of tests, conducted by an independently accredited laboratory and coordinated by SafeLogic, the module’s test report was sent to CMVP, the Cryptographic Module Validation Program. The United States National Institute of Standards and Technology (NIST) and the Canadian Centre for Cyber Security (CCCS), a branch of the Communications Security Establishment (CSE), have operated CMVP together since the establishment of the FIPS 140 standard in 1995. Their joint office confirmed compliance and issued certificates #3366, available publicly here and #3372 for Java, available publicly here.

Proofpoint has demonstrated a commitment to excellence by completing the FIPS 140-2 validation process for two cryptographic modules which will be deployed within various Proofpoint security products, including Email Protection and Email Encryption.

”FIPS 140-2 validation is a critical step in working towards FedRAMP certification,” says Bhagwat Swaroop, executive vice president of the Email Security Product Group at Proofpoint. “Proofpoint continually strives to raise the bar and evolve our products to better serve our customers and the people they protect.”

“Proofpoint’s best-in-class solutions combined with our FIPS 140-2 expertise yielded fantastic results,” said SafeLogic CEO Ray Potter. “By working together to streamline the validation process for two different cryptographic technologies, Proofpoint engineers saved significant workloads twice over and have been able to stay focused on product features. It’s a perfect example of how our partnerships should work!”

Proofpoint has long been a proven cybersecurity leader and continues to invest in protecting all the ways that modern government communicates today. Proofpoint Information Archive is already FedRAMP certified and is in the process for Proofpoint cloud email and information protection solutions. This also includes helping federal agencies comply with the Department of Homeland Security (DHS) Binding Operational Directive (BOD) 18-01, to upgrade their email and web security.

For more information on Proofpoint solutions for Federal government, click here. For more information on SafeLogic, click here.