Keeper Security is proud to achieve FIPS 140-3 validation for its cryptographic module, reinforcing its commitment to surpassing federal security standards for protecting sensitive government data.
FIPS 140-3 validation builds upon its predecessor, FIPS 140-2, with several key improvements, including:
- Stronger Security Requirements: Stronger protections against side-channel attacks, improved entropy requirements for random number generation and stricter module authentication.
- More Rigorous Testing and Certification: A more structured evaluation process to ensure cryptographic modules meet higher security assurance levels.
- Closer Alignment With International Standards: Harmonization with ISO/IEC 19790:2012 to improve global compatibility and recognition.
- Software Security Enhancements: Stricter requirements for software cryptographic modules, including runtime integrity checks and memory protection.
These enhancements bolster defenses against sophisticated cyber threats, providing critical assurance for federal agencies and enterprises dedicated to protecting their most valuable information.
Keeper Security is also a Federal Risk and Authorization Management Program (FedRAMP®) Authorized provider, meeting the Revision 5 security controls baseline. To receive FedRAMP Rev 5 Authorization, organizations must implement controls from 18 different control families that originate from the National Institute of Standards and Technology Special Publication 800-53. This accomplishment builds on Keeper’s announcement that it achieved FedRAMP Authorization at the Moderate Impact Level in August 2022, as well as StateRAMP Authorization in December 2022, continuously meeting and maintaining the strict requirements ever since. Additionally, Keeper holds a range of other cybersecurity certifications and compliance attestations including SOC 2 Type II and ISO 27001, 27017 and 27018.
“Achieving FIPS 140-3 validation reinforces Keeper’s unwavering commitment to delivering the highest levels of security and compliance for our customers,” said Patrick Tiquet, VP of Security and Compliance at Keeper Security. “This milestone demonstrates that our cryptographic module meets the most rigorous federal standards, ensuring that government agencies, enterprises and other security-conscious organizations can trust Keeper to protect their most sensitive data.”
KeeperPAM offers seamless infrastructure access through a secure vault. Simply log in with Multi-Factor Authentication (MFA) for one-click, passwordless access to servers, databases, web apps and SaaS platforms. Unlike legacy PAM solutions, KeeperPAM is zero-knowledge and zero-trust, meaning that Keeper never has access to your network, infrastructure or secrets. With a lightweight, containerized gateway, Keeper eliminates agents and on-prem complexity while providing full auditing, session logging and flexible access through UI, CLI or isolated web browsing. Keeper’s offerings include MFA for robust account security, comprehensive logging and auditing to detect and prevent threats and Single Sign-On (SSO) integration to streamline access management.
“Achieving FIPS 140-3 validation demonstrates Keeper’s unwavering commitment to providing secure and compliant solutions for federal agencies and enterprises,” said Darren Guccione, CEO and Co-founder of Keeper Security. “As organizations face increasingly sophisticated cyber threats, our validated solutions empower them to effectively protect critical data while ensuring compliance with federal mandates.”
Keeper serves tens of thousands of business customers around the globe, including major federal agencies such as the Department of Justice, Department of Energy, Department of the Interior, United States Secret Service, Department of Transportation and National Aeronautics and Space Administration. With FIPS 140-3 validated solutions now available, organizations can improve their password and access management practices, significantly reducing their risk exposure. This achievement not only meets regulatory requirements but also reinforces Keeper’s role as a leader in the cybersecurity space.
For more information about Keeper Security’s FIPS 140-3 validation and how they can elevate your organization’s cybersecurity efforts, visit the website here.
Related News:
Keeper Security Enhances KeeperPAM with Zero-Trust Security
Keeper Unveils Risk Management Dashboard for Proactive Threat Mitigation
