Skip to main content
Welcome to Virtru's support portal. As we work to make this page more accessible to screen readers, please contact us at support@virtru.com for technical support.

FIPS 140-2 compliance

Alex Litoff
  • Updated

About

Federal Information Processing Standards (FIPS) Publication 140-2 specifies security requirements for cryptographic modules. The Federal government requires that all encryption is performed by FIPS validated cryptographic modules. This requirement is also typically required by State and Local governments, government contractors, and government services providers. FIPS validation is specifically required by FedRAMP, CJIS, NIST SP 800-171, and other compliance programs.

The rest of this article provides more specific detail about FIPS 140-2 compliance as it pertains to Virtru products. 

FIPS 140-2 and Virtru

All of Virtru’s encryption algorithms comply with FIPS 140-2, however, not all Virtru clients leverage FIPS validated encryption modules. Of those that do leverage FIPS validated modules, not all clients are enabled in FIPS mode by default.

In most clients, we use 3rd-party encryption libraries that have been certified by, or for, companies such as Google, Microsoft, and Apple (more details below). As such, Virtru has not been required to go through a validation directly.

On certain Virtru plan levels, some Virtru clients support FIPS by default and others require additional configuration. If you need to ensure FIPS 140-2 compliance across Virtru clients in use, please refer to the chart below and contact support to confirm FIPS is enabled for your account. If you are not sure if your current Virtru plan includes FIPS compliance, please contact Virtru Sales

The FIPS validation certificates used by each Virtru client:

Client

Module Name

CMVP Certificate

Notes

Chrome Browser Plugin - Gmail

OpenSSL

#1747

FIPS mode is not enabled by default. Please contact Virtru Support to enable FIPS mode.

Outlook Desktop Plugin

Windows

Varies by Windows version

The Outlook Desktop Plugin leverages the encryption module of the underlying Windows operating system. Customers should ensure that Windows is configured in FIPS mode to ensure that Virtru leverages the FIPS validated Windows encryption module.

For more information on configuring different Windows versions in FIPS mode, please refer to the following: FIPS 140-2 Validation

iOS

OpenSSL (<= iOS 12)

or

CoreCrypto (>= iOS 13)

#1747 (<= iOS 12)

or

In Process (>= iOS 13 )

Beginning with iOS 13, iOS devices will leverage the underlying encryption module provided by Apple which is FIPS validated.

On-premise Gateway

Bouncy Castle

#3152

Please contact your Customer Success Manager to request FIPS mode configuration.

Note: If you are a current gateway customer this upgrade will be required first before any other actions can be taken on the Virtru side 

C++/Python SDKs

BoringCrypto

#3318

 

Clients not on this list do not currently leverage FIPS validated modules.

Related articles