<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=YOUR_ID&amp;fmt=gif">

FIPS 140-3

How VIDIZMO encrypts data at rest and in transit, manages keys, and applies FIPS 140-3 validated cryptography.

What It Is

FIPS 140-3 is the current U.S. government standard for cryptographic modules, covering how they are designed, tested, and validated for handling sensitive data. It replaced FIPS 140-2 as the standard cryptographic modules are validated against.

How FIPS 140-3 Is Organized

FIPS 140-3 defines four increasing security levels for a cryptographic module, based on the physical and logical protections it has:

  • Level 1: basic security requirements, no dedicated physical security mechanisms required.
  • Level 2: adds tamper-evidence and role-based authentication.
  • Level 3: adds tamper-detection and response, and identity-based authentication.
  • Level 4: adds tamper-detection and response under fluctuating environmental conditions, the highest level of assurance.

What FIPS 140-3 Majorly Requires, and How VIDIZMO Supports It

  • Validated cryptographic modules covering key generation, storage, and destruction, at a defined security level: VIDIZMO applies FIPS-compliant, NIST-recommended cryptography through Azure’s certified cryptographic modules.
  • Use of NIST-approved algorithms only: non-approved or legacy algorithms are not permitted inside the validated boundary. VIDIZMO’s encryption stack uses NIST-approved algorithms exclusively, including AES-256 and TLS 1.2/1.3.
  • Data at rest: AES-256 encryption.
  • Data in transit: TLS 1.2 minimum, TLS 1.3 supported.
  • Key management: Azure Key Vault, with separate encryption keys per tenant, rotated biennially.
back to top