By using Pragma's SSH Server and Client technologies, customers can deploy these secure file transfer and copy capabilities knowing the embedded Cryptographic Module has met the highest possible security standards. This ensures that your file transfers are protected by best-in-class security.
The Pragma SSH Server comes with a built-in FIPS 140-2 Validated Cryptographic Library to provide for secure transfer of data. This version of Pragma's SSH Server uses the validated cryptographic library to ensure that it operates using only FIPS-approved algorithms for encryption of transferred data when using Secure Copy (SCP) and Secure File Transfer Protocol (SFTP).
Pragma Systems' SSH Server and SSH Client are now available with Federal Information Processing Standard (FIPS) 140-2 certification by the National Institute of Standards and Technology. Data security encryption compliance is mandatory for U.S. federal agencies, the U.S. Department of Defense, the Canadian government, financial institutions and many private sector agencies when it is determined that cryptography is necessary for protecting sensitive information.
The Cryptographic Module Validation Program (CMVP) is the accreditation program that validates cryptographic modules to this standard. The CMVP is a joint effort between the National Institute of Standards and Technology (NIST) and the Communications Security Establishment (CSE) of the Government of Canada. Cryptographic Modules validated through the program are subjected to rigorous testing by independent, accredited Cryptographic Module Testing (CMT) laboratories.
For more information about the FIPS requirements through NIST: here .
For more information about FIPS: here.
Most government agencies such as the Department of Defense require FIPS validation for the commercial systems they utilize to protect the integrity of data traffic traveling across their infrastructure environments. Similarly, companies in various market segments such as healthcare, financial and supply chain management are under increasing pressure to ensure that customer, vendor and patient information is secure when traveling across networks. To meet that need, many companies in these markets are implementing the same FIPS standard mandated by the U.S. government.