REDCOM completed the FIPS 140-2 validation process, receiving certificate #3189 in May and #3229 in July of last year.
The FIPS 140-2 validations were granted after independently accredited labs put the REDCOM encryption modules through a series of tests. After proving conformance with the FIPS 140-2 standard, the modules’ test reports were sent to CMVP, the Cryptographic Module Validation Program, operated by the United States National Institute of Standards and Technology (NIST) and the Canadian Centre for Cyber Security (CCCS), a branch of the Communications Security Establishment (CSE). Their joint office confirmed compliance and issued the certificates, both available publicly on the CMVP website. #3189 was issued for a C-based module deployed in a Linux environment, while #3229 was for a Java module operating on Android.
This validation effort is very important to REDCOM because the REDCOM Secure Client for Android is now available with U.S. government certified encryption, making it eligible to be procured by federal agencies, including the Department of Defense. It is also approved for use in regulated industries such as utilities, finance, and healthcare, opening doors to significant future revenue.
“FIPS 140-2 validated encryption has fortified our positioning,” said REDCOM Voice Product Security Program Manager Sal Ceravolo. “As a major supplier of communications technology to the U.S. military, government agencies, and emergency responders, we understand how crucial it is to meet the stringent benchmarks for deployment in these sectors.”
The certifications were streamlined via strategic partnership with encryption experts at SafeLogic. Instead of starting from scratch, SafeLogic provided cryptographic technology that had already been tested by independent labs, saving significant time from the arduous process.
“REDCOM was our first partner to certify the Java crypto module on an Android mobile platform,” noted SafeLogic CEO Ray Potter. “It was a great collaboration, paving the way for an accelerated validation while also conducting operational testing in a different environment!”
“SafeLogic’s technical team was very impressive with their feedback and responsiveness,” Ceravolo added. “They provided us with a knowledgeable software engineer we could talk to at any time and we got certified in the first pass.
Our partnership saved us the hassle of dealing with consultants or hiring engineers familiar with esoteric FIPS 140-2 regulations.”
The REDCOM Secure Client is part of the company’s portfolio of UC solutions for Federal and military customers designed to improve operational flexibility, command & control, and readiness. For more details on the REDCOM Secure Client, visit www.redcom.com/products/secure-client-gov
REDCOM Laboratories, Inc. is a woman-owned small business that specializes in the design and manufacture of advanced tactical and strategic communications solutions with a focus on security, reliability, and interoperability. REDCOM’s customers include all branches of the military, government agencies, emergency responders, integrators, and enterprises. For additional information, please visit the REDCOM website at www.redcom.com.
SafeLogic provides innovative encryption products for applications in mobile, cloud, server, appliance, wearable, IoT, and other constrained environments. Our flagship product, CryptoComply, provides drop-in FIPS 140-2 compliance with a common API across platforms. SafeLogic’s customers include many of the most influential and innovative companies in technology. SafeLogic is privately held and is headquartered in Palo Alto, CA. For more information about SafeLogic, please visit www.SafeLogic.com.