Support Contact
Why Sharetru?
Platform
Features
Compliance
Industry
Pricing
Resource Hub
Start Free Trial
    Start Free Trial
      FIPS 140-2

      Critical Validation for
      Your Security

      Ensure the security of your data with the highest standards of cryptography. Our platform keeps your files safely encrypted so you can meet legally mandated FIPS requirements and protect your business from expensive data breaches and penalties.

      Be Confident in Your FIPS Compliance

      As part of FIPS 140-2 compliance, Sharetru uses only modules certified by the Cryptographic Module Validation Program (CMVP), a security accreditation program jointly established by NIST and Communications Security Establishment Canada (CSEC).

      Our platform uses AES-256 encryption modules for at-rest protection as well as for SFTP. We use TLS 1.2 for all HTTPS and FTPS transfers, providing you with a file storage and sharing solution that keeps your data secure at rest as well as in transit.

      With the publication of The Federal Information Processing Standards (FIPS) 140-2, a high set of security standards was established for cryptographic modules used by the federal government in the storage, transfer, and sharing of sensitive information.

      FIPS imposes specific requirements developed by NIST for encryption and other critical cybersecurity measures. To be FIPS-compliant, your file-sharing solution has to use cryptographic algorithms and hash functions that meet the standards specified in FIPS publication 140-2.

      At Sharetru, we exclusively use components that meet FIPS 140-2 standards for in-transit and at-rest encryption.  
      Learn More About Encryption and Compliance

      Adhere to Critical Standards

      Meeting the high FIPS standards provides tremendous benefits. Besides keeping your data secure, it’s also important for meeting various other compliance frameworks. For example, the International Traffic in Arms Regulations (ITAR) require that in-transit encryption modules be FIPS 140-2 validated. 

      FIPS 140-2 also applies to:

      • HIPAA (FIPS-validated cryptography is an implied standard and ensures alignment with the HIPAA Safe Harbor Act)
      • CMMC (FIPS-validated cryptography must be used to protect the confidentiality of CUI)
      • FedRAMP (control requirements for FIPS 140-2 are listed below)
        • Web application sessions
        • CSP administration
        • Site-to-site replication
        • Data at rest
        • FIPS 140-2 validated OTP

      Our platform makes FIPS-compliant file transfers quick and easy, so you can share private and sensitive data with confidence. 

      FIPS 140-2 is a prerequisite for CMMC and FedRAMP compliance. The use of TLS 1.2 or other encryption modules that are FIPS 140-2 validated is an implied standard of HIPAA. Many industries must follow the requirements of FIPS 140-2 to be compliant with U.S. law. 

      Organizations that are legally obligated to meet FIPS requirements for file storage and transfer include:

      • Government contractors and subcontractors
      • Federal and state government agencies
      • Energy and utility providers
      • Healthcare organizations
      • Banks and financial institutions

      Sharetru makes secure file sharing quick and easy for organizations in a wide variety of industries so they can be confident in their FIPS 140-2 compliance.
      Learn More About FIPS Compliance for your industry

      Frameworks and Industries That Require Strong Encryption

      The need for FIPS 140-2 compliance extends into a range of industries and other compliance frameworks such as those listed below.

      • CMMC

        Guard controlled unclassified information

        Your organization must meet the requirements of NIST SP 800-171 for FIPS 140-2 validation — in all the technology and services it uses — to keep CUI protected. CMMC 2.0 Level 2 aligns directly with NIST 800-171, making our file sharing platform ideally suited for CMMC compliance.

        Find Out More

      • FedRAMP

        Maintain effective cloud security

        Account for many of the approximately 20 controls related to FIPS 140-2 that are required by FedRAMP including those for data in transit and at rest, as well as MFA and other authentication functions. We use FIPS 140-2 validated encryption modules for each control.
        Find Out More

      • HIPAA/HITECH

        Protect personal health information

        Observe the HIPAA Safe Harbor Provision with FIPS 140-2, an implied standard of the requirement. The Health Information Technology for Economic and Clinical Health Act (HITECH) mandates that FIPS 140-2 encryption is deployed with full functionality.

        Find Out More

      • Financial Services Regulations

        Defend customer information

        Follow the Financial Industry Regulatory Authority (FINRA) rules for encrypting data at rest and in transit. Ensure that you always use a FIPS 140-2 validated encryption module to protect client and financial information.

        Find Out More

      • Aerospace & Defense

        Encrypt your CUI

        Keep your controlled unclassified information safe with advanced multistage encryption that keeps your data secure at rest as well as in transit.

        Find Out More

      • Healthcare

        Securely share PHI

        Safely share sensitive patient information with other physicians or healthcare providers by ensuring that PHI is protected with FIPS 140-2 validated encryption modules.

        Find Out More

      • Financial Services

        Store and transfer safely

        Store and transfer proprietary information across systems with a secure, private cloud-based platform that meets all the requirements of FIPS 140-2.

        Find Out More

      Guard controlled unclassified information

      Your organization must meet the requirements of NIST SP 800-171 for FIPS 140-2 validation — in all the technology and services it uses — to keep CUI protected. CMMC 2.0 Level 2 aligns directly with NIST 800-171, making our file sharing platform ideally suited for CMMC compliance.

      Find Out More

      Maintain effective cloud security

      Account for many of the approximately 20 controls related to FIPS 140-2 that are required by FedRAMP including those for data in transit and at rest, as well as MFA and other authentication functions. We use FIPS 140-2 validated encryption modules for each control.
      Find Out More

      Protect personal health information

      Observe the HIPAA Safe Harbor Provision with FIPS 140-2, an implied standard of the requirement. The Health Information Technology for Economic and Clinical Health Act (HITECH) mandates that FIPS 140-2 encryption is deployed with full functionality.

      Find Out More

      Defend customer information

      Follow the Financial Industry Regulatory Authority (FINRA) rules for encrypting data at rest and in transit. Ensure that you always use a FIPS 140-2 validated encryption module to protect client and financial information.

      Find Out More

      Encrypt your CUI

      Keep your controlled unclassified information safe with advanced multistage encryption that keeps your data secure at rest as well as in transit.

      Find Out More

      Securely share PHI

      Safely share sensitive patient information with other physicians or healthcare providers by ensuring that PHI is protected with FIPS 140-2 validated encryption modules.

      Find Out More

      Store and transfer safely

      Store and transfer proprietary information across systems with a secure, private cloud-based platform that meets all the requirements of FIPS 140-2.

      Find Out More

      Check Out Key Resources

      See all resources here
      Blog

      Data Security Breaches: Consequences and Prevention Best Practices

      This blog deep dives into security breaches in file transfer/file sharing, the consequences and how to avoid falling victim to a cybersecurity attack.

      Read More

      sharetru-symbol-white

      Watch Our Platform In Action

      You don’t have to take our word for it. We’ve been the leaders of secure online file sharing from the very beginning, and we’d love to show you how we do it. Schedule your demo today.

      Book Your Demo