Enable FIPS mode on Windows devices

Overview

The Code42 agent on Mac and Windows devices use the cryptographic module provided by their respective operating systems for encryption and decryption of backup data.

Although the Code42 agent uses the same operating system-provided cryptographic module on all Windows devices, you must also enable "FIPS mode" on Windows devices to ensure FIPS compliance. 

Background

The National Institute of Standards and Technology (NIST) is an organization of the U.S. Department of Commerce whose mission is to set standards that enhance economic security. Many organizations are required to comply with the following NIST security standards:

• NIST 800-53: Security and Privacy Controls for Federal Information Systems and Organizations
• NIST 800-171: Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

One of the NIST 800-171 requirements is the Federal Information Processing Standards (FIPS) standard FIPS 140-2, which sets the requirements for cryptographic modules used for data encryption and decryption.

Steps

1. Ensure that the Windows devices in your Code42 environment run supported Windows versions. For supported Windows versions, see Code42 platform hardware and software requirements.
2. To set the "FIPS mode" flag to true on Windows devices, follow instructions in section "Information for System Integrators" in Microsoft's article FIPS 140 Validation.

Additional resources

• National Institute of Standards and Technology
  • Publication search
  • FIPS General Information
  • NIST 800-53
  • NIST 800-171
  • FIPS 140-2
• Wikipedia
  • National Institute of Standards and Technology
  • Federal Information Processing Standards
  • NIST Special Publication 800-53
  • FIPS 140-2
• Code42 
  • Compliance
  • How Code42 Helps Companies Meet Their Compliance Requirements
• Microsoft
  • Why We're Not Recommending "FIPS Mode" Anymore 
  • FIPS 140 Validation

Related topics