FIPS 140-2 Compliant File-Sharing Software


The Federal Information Processing Standards (FIPS) define U.S. and Canadian Government security and interoperability requirements for computer systems. The FIPS 140-2 standard specifies the security requirements for cryptographic modules. It describes the approved security functions for symmetric and asymmetric key encryption, message authentication, and hashing.

For more information about the FIPS 140-2 standard and its validation program, see the National Institute of Standards and Technology (NIST) and the Communications Security Establishment Canada (CSEC) Cryptographic Module Validation Program website at https://csrc.nist.gov/projects/cryptographic-module-validation-program.

SynaMan, the file sharing software published by Synametrics Technologies, Inc. is fully compliant with FIPS 140-2 specification provided guidelines mentioned on this page are met.

Levels

FIPS 140-2 defines four levels of security, simply named "Level 1" to "Level 4".

Level 1

Level 1 provides lowest level of security and is enforced by configuring the software to use approved algorithms. In other words, when using SSL/TLS to transfer files, the software must use secure ciphers list on Approved Security Functions for FIPS 140-2 published by NIST

Starting v5.0, SynaMan allows a special configuration that restricts SSL handshakes only on secure/strong ciphers. Follow the steps below to enable this option:

  • Log in to SynaMan's web interface as admin.
  • Click Configuration and select the tab for HTTP Configuration.
  • Check Restrict SSL ciphers to FIPS 140-2
  • Save and Restart SynaMan

Level 2 And Higher

Higher levels of FIPS compliance are related to hardware security. Since SynaMan is a 100% private solution, companies can achieve higher levels of FIPS compliance by hardening their network environment. Refer to this document for further details on how to achieve higher levels of compliance.

When To Enable FIPS 140-2 in SynaMan

Enabling this option in SynaMan disable ciphers considered weak according to FIPS guidelines. This means older browsers, mobile devices and other third-party software may not be able to communicate with SynaMan using SSL when this option is enabled.

On the other hand, using this option is required if you need to share files with government organizations, mainly United States and Canada.

100% Private

SynaMan is a 100% private, on-premise, file sharing solution. This means:

  • Private data belonging to your organization will stay inside your company. No third party, including Synametrics Technologies, Inc., will ever get your data. This includes data in transit as well as at rest.
  • No third party, including Synametrics Technologies, Inc., will have knowledge about users involved in data synchronization.
  • No third party, including Synametrics Technologies, Inc., will have access to the metadata, such as file types, their size, or knowledge about the software that uses these files.

Using FIPS Validated Modules

Enabling Restrict SSL ciphers to FIPS 140-2, as mentioned above, eliminates weak ciphers that are not recommended by NIST. However, additional steps are required if your end-goal is to use a FIPS-Validated crypto module in SynaMan. These additional steps require a few extra libraries and slight configuration on the machine where SynaMan is running.

Contact our support department if your company policy requires you to run FIPS-Validated crypto module.

Navigation

Social Media

Powered by 10MinutesWeb.com