December 15th, 2015 by Adam Armstrong
Druva Announces First Combined FIPS & AWS GovCloud Solution
Today Druva announced that it was the first company to provide Federal Information Processing Standards (FIPS) enabled endpoint data protection in the Amazon Web Service (AWS) GovCloud. This will be ideal for government agencies and contractors that must adhere to the FIPS 140-2 encryption standard but that want to run their applications in the cloud.
The Cloud First policy mandates that “agencies take full advantage of cloud computing benefits to maximize capacity utilization, improve IT flexibility and responsiveness, and minimize cost.” FIPS (Federal Information Processing Standards) includes publicly announced security standards developed by the US federal government for computer systems used by non-military government agencies and government contractors. GovCloud is an isolated AWS (Amazon Web Services) region for government agencies, contractors and educational institutions to run sensitive workloads in the cloud by addressing their specific regulatory and compliance requirements. The FIPS 140-2 standard is published by NIST (National Institute of Standards and Technology) and outlines the requirements that federal agencies and departments must adhere to when using technology that uses encryption for transmission and storage of their data.
Government agencies and contracts are limited to the infrastructure they can use due to lack of FIPS support. This is especially an issue as they attempt to move to the cloud. Druva added FIPS support to its flagship inSync product, a endpoint data protection and governance solution. inSync with FIPS combined with AWS GovCloud gives these agencies compliance throughout there stack as they move to the cloud.
- FIPS Data Transmission: FIPS-validated modules on mobile devices that enable transmission of data to AWS’ GovCloud, which will receive data through a FIPS- validated SSL terminating point
- AWS GovCloud: An isolated AWS Region designed to allow US government agencies and customers to move sensitive workloads into the cloud by addressing their specific regulatory and compliance requirements, the AWS GovCloud (US) framework adheres to US International Traffic in Arms Regulations (ITAR) as well as the Federal Risk and Authorization Management Program (FedRAMPSM) requirements
- FIPS Data Storage: Once within the GovCloud environment, unique block data is encrypted and stored within S3 object storage using Druva’s patented data duplication capabilities, adding additional layers of protection to customer data
Druva deploys on AWS GovCloud now and is expected to support FIPS within the next 90 days.