Nimble Storage Completes Federal Information Processing Standard Certification

Nimble Storage, Inc. announced the completion of a Federal Information Processing Standard (FIPS) 140-2 certification from the US government’s National Institute of Standards and Technology (NIST).

Nimble Storage can address the stringent security mandates of federal customers and partners with the Adaptive Flash platform.

Information security officials must comply with federal mandates to maintain strict control over data and information systems at all times. US federal agencies that use cryptographic-based security systems to protect sensitive information in computer, telecommunication systems and other IT related products rely on FIPS-140 certified systems to comply with stringent security mandates. FIPS 140-2 validation is also required by national agencies in Canada and is recognized in Europe and Australia. The NIST and Canada’s Communications Security Establishment have validated the FIPS 140-2 testing results of the Cryptographic Module identified as Nimble Storage OpenSSL FIPS Object Module by Nimble Storage, also recognized as Nimble SmartSecure.

“Nimble SmartSecure software-based encryption is purpose-built to protect sensitive data with minimal overhead and we believe it is ideal for enterprise and Federal customer implementations,” said Wayne Webster, director of federal sales, Nimble. “This certification not only gives our federal and government customers an additional level of confidence when deploying the Adaptive Flash platform, but solidifies our commitment to attain the necessary requirements mandated by federal agencies. Without doubt, obtaining FIPS certification is a key competitive differentiator and a critical step toward expanding our presence in the federal market.“

Meeting the demanding requirements of large enterprises and federal agencies underpins Nimble’s commitment to innovation and the delivery of critical features, such as encryption of data at rest. Nimble SmartSecure enables both encryption and shredding on a per-application or per-array level and does not require custom drivers or dedicated firmware to implement. Once data is compressed and encrypted by the company’s Cache Accelerated Sequential Layout (CASL) flash-optimized file system, it can be securely replicated to another site with the target site understanding the encryption key.

Under the Information Technology Management Reform Act (Public Law 104-106), the Secretary of Commerce approves standards and guidelines that are developed by the NIST for Federal computer systems. These standards and guidelines are issued by NIST as FIPS for use government-wide. NIST develops FIPS when there are compelling Federal government requirements such as for security and interoperability and there are no acceptable industry standards or solutions.

The FIPS 140 publication series coordinates the requirements and standards from cryptography modules for hardware and software, and in order to achieve FIPS 140-2 validation, cryptographic modules are subjected to testing by independent, accredited test facilities.