SUNNYVALE, Calif. -- Arcot Systems has achieved validation against Federal Information Processing Standard (FIPS) 140-2, Level 1, the IT security industrys gold standard from the U.S. National Institute of Standards and Technology (NIST). The rigorous validation process means that Arcot software has met one of the most difficult testing methodologies in the world. FIPS testing focuses on a products cryptographic modules and its ability to provide services such as user authentication, data confidentiality and integrity. The U.S. government requires the cryptographic modules of any product that protects sensitive data to meet the FIPS 140-2 standard.
This is a major development for us, as we continue to expand the ways in which organizations can deploy our technology and protect their employees, customers and partners from identity theft and fraud, said Jim Reno, chief technology officer at Arcot. The significance lies in the fact that NIST validated Arcots software-only ArcotID against the same stringent standard that the U.S. government requires for products sold to the public sector to protect their IT systems. Going after this validation, Arcot proved to the private sector that we are focused on continuing to ensure that our solutions meet the high criteria levels set by NIST and it reinforces our commitment to the security of public and private sectors alike."
The ArcotID is a unique software credential that balances cost, convenience and strength. It is a ubiquitous, secure authentication token that transparently fraud-proofs the login process without expensive hardware, rapidly scales to millions of users and runs on a variety of mobile platforms. It also protects against man-in-the-middle or brute force attacks and enables digital signaturesnone of which can be done with hardware OTP tokens. Today, Arcot already protects and verifies 50 million online user identities worldwide.
FIPS 140-2, Level 1 is the same standard used throughout the government for their high security agencies, said Avivah Litan, vice president and distinguished analyst, Security and Risk Management, Gartner Inc. It is very comprehensive, well established and difficult to achieve. FIPS 140-2 validation carries a lot of weight with customers in both the public and private sectors.