FIPS 140-3
How VIDIZMO encrypts data at rest and in transit, manages keys, and applies FIPS 140-3 validated cryptography.
What It Is
FIPS 140-3 is the current U.S. government standard for cryptographic modules, covering how they are designed, tested, and validated for handling sensitive data. It replaced FIPS 140-2 as the standard cryptographic modules are validated against.
How FIPS 140-3 Is Organized
FIPS 140-3 defines four increasing security levels for a cryptographic module, based on the physical and logical protections it has:
- Level 1: basic security requirements, no dedicated physical security mechanisms required.
- Level 2: adds tamper-evidence and role-based authentication.
- Level 3: adds tamper-detection and response, and identity-based authentication.
- Level 4: adds tamper-detection and response under fluctuating environmental conditions, the highest level of assurance.
What FIPS 140-3 Majorly Requires, and How VIDIZMO Supports It
- Validated cryptographic modules covering key generation, storage, and destruction, at a defined security level: VIDIZMO applies FIPS-compliant, NIST-recommended cryptography through Azure’s certified cryptographic modules.
- Use of NIST-approved algorithms only: non-approved or legacy algorithms are not permitted inside the validated boundary. VIDIZMO’s encryption stack uses NIST-approved algorithms exclusively, including AES-256 and TLS 1.2/1.3.
- Data at rest: AES-256 encryption.
- Data in transit: TLS 1.2 minimum, TLS 1.3 supported.
- Key management: Azure Key Vault, with separate encryption keys per tenant, rotated biennially.