FIPS section 140-2 applies to information processing for government agencies and the military, and it often also applies to vendors, contractors, and suppliers doing business with those entities.
FIPS 140-2 is a standard first published in 2001 by the U.S. National Institute of Standards and Technology (NIST), a non-regulatory agency of the U.S. Department of Commerce. NIST works to establish various standards that the U.S. military and various government agencies must abide by. Vendors, contractors, and any organization working with government or military must comply with FIPS as well. The Canadian government also has policies requiring FIPS-validated software, and it cooperates with NIST in establishing FIPS standards.
FIPS includes standards regarding the formatting of location and personal identification information, encryption algorithms, key storage, and other data processing areas. FIPS purpose is to ensure the security, quality, and processing compatibility of various services in an easily-verified way. This whitepaper will mostly concern itself with FIPS 140-2, which covers the encryption requirements applicable to Progress’s file transfer products.
Interested in learning more about FIPS 140-2 and Secure File Transfer? Download the data sheet.