Mirantis Achieves New FIPS 140-2 Validation For Encryption
Completes Rigorous Testing for Deployments in U.S. Federal Government
Mirantis, the open cloud company, has received a new certificate of FIPS 140-2 validation covering the encryption modules for Mirantis Container Runtime, Mirantis Kubernetes Engine and the k0s Kubernetes distribution, assuring customers high levels of security for cloud native deployments.
“The CMVP’s stringent requirements for cryptography give peace of mind to users, and I’m pleased that Mirantis has embraced this high level of security and assurance.”
“The issuance of our new FIPS 140-2 validation means that we can continue to offer our clients the highest levels of confidence in the cryptographic modules included with our products,” said Shaun O’Meara, field CTO of Mirantis. “The encryption validation is particularly important in today’s environment of tightening security requirements and helps facilitate the implementation of an effective secure software supply chain and other robust security systems and controls.”
More than $97 billion of government-wide IT spending is budgeted for 2022, all of which is gated by compliance initiatives like FIPS.
Mirantis has partnered with SafeLogic to provide expert guidance and experience as well as ongoing support to ensure that the cryptographic modules included with its products meet the highest standards. The FIPS 140-2 validation was granted after proving conformance with the 11 Derived Test Requirements that must be met. The module’s test report was sent to the Cryptographic Module Validation Program (CMVP), operated by the United States National Institute of Standards and Technology (NIST) and the Canadian Centre for Cyber Security (CCCS), a branch of the Communications Security Establishment (CSE). Their joint office confirmed compliance and issued certificate #3993
“We are proud to collaborate with Mirantis on FIPS 140-2 validated encryption within their deployments,” said SafeLogic CEO Poga Ahn. “The CMVP’s stringent requirements for cryptography give peace of mind to users, and I’m pleased that Mirantis has embraced this high level of security and assurance.”
By completing the FIPS 140-2 validation process, Mirantis ensures that its products are eligible to be procured by U.S. federal agencies, including the Department of Defense, as well as for use in regulated industries such as utilities, finance, telecommunications, and healthcare. Mirantis has strong expertise in these industry verticals and will be able to continue to provide software and services and expand on future opportunities for growth. While Mirantis Container Runtime was previously FIPS compliant, the new validation also includes Mirantis Kubernetes Engine and k0s to provide broader compliance within the company’s product portfolio.