Infinidat, the market’s leading provider of multi-petabyte data storage solutions, has announced that its cryptographic module for the InfiniBox and InfiniGuard has been awarded Federal Information Processing Standards (FIPS) 140-2 validation. The designation validates Infinidat’s cryptographic technologies which certify Infinidat data storage and backup systems for use in a defined set of government and regulated industries’ IT projects.
FIPS 140-2 validation is a requirement for any product implementing a cryptographic module that processes sensitive information and is used within the federal government. The standard is a joint effort by the National Institute of Standards and Technology (NIST) in the United States and the Communications Security Establishment Canada (CSEC) under the Canadian government while gaining worldwide recognition as an important benchmark for third-party validation of cryptographic-enabled products of all kinds.
Says Hayden Sadler, Country Manager for Infinidat South Africa, “The standard provides for increasing qualitative levels of security intended to cover a wide range of potential applications and environments. From a local perspective, this means that South African companies can be rest assured that their information is secure according to U.S. FIPS -validated encryption at any layer of the IT stack. By meeting these stringent security standards, we can ensure the highest protection of our clients’ data, further bolstering our own local Personal Protection of Information (PoPI) legislation.”
To facilitate the certification process, Infinidat partnered with security certification solutions provider Corsec Security, Inc. For two decades Corsec has assisted companies through the IT security certification process for FIPS 140-2, Common Criteria and the Department of Defense’s APL.
“Completion of the FIPS 140-2 validation process is a testament to Infinidat’s commitment to the storage needs of the U.S. government,” said Jake Nelson, director of marketing at Corsec. “Infinidat’s adherence to security standards and U.S. government regulations should provide users with the peace of mind that they are being protected with a high degree of security, assurance, and dependability.”
Data breaches are increasing at all levels of the IT stack – from user-level email attacks to data corruption and ransomware attacks to the theft of data as it is transported across unencrypted networks. End-to-end encryption, whether in the hypervisor, database or application, provides the highest level of data protection. Many customers hoping to adopt end-to-end encryption are limited due to their dependency on data reduction in their All-Flash Arrays. InfiniBox architecture allows these customers to securely consolidate their data while supporting end-to-end encryption.
“Infinidat has always worked to eliminate the trade-offs between cost, performance and availability. We are expanding on that effort to incorporate data security, at the highest standards, enabling customers to keep their data secure throughout its lifecycle,” said Brian Carmody, Infinidat CTO. “Our ‘Scale to Win’ architecture supports FIPS-validated encryption at any layer of the IT stack while providing faster-than-all-flash performance and 100% data availability without penalizing cost or performance.”