Tips about FIPS Part 2

Has 3.13.11, the use of FIPS-validated encryption, sent your organization through the Seven Stages of CMMC Grief? Does the use of FIPS-validated encryption have you befuddled? Tips about FIPS Part 2 continues address the most common DIBCAC NOT MET requirement for CMMC and NIST SP 800-171, 3.13.11.

FIPS is confusing and complicated. In this episode of As the CMMC Churns, we are going to dive into the requirements surrounding the usage of FIPS-validated encryption. The goal is to provide everyone a baseline set of information on how to approach the use of FIPS encryption.

Because this is complicated, this episode builds on FIPS fundamentals and then addresses Data-at-Rest encryption covered in Part 1. This part picks up with Data-in-Transit.

Fair warning, because of the complexities of implementation and near-infinite variations out there, “Tips about FIPS” will never cover every possible variance out there.

Upcoming “As the CMMC Churns” Episodes:

– 6 April: CMMC FUD
– 13 April: Vulnerability Management for Remote Workers
– 20 April: CUI is not SECRET

As the CMMC Churns

We share our knowledge and experiences as a CMMC 3rd Party Assessment Organization (C3PAO) via the "As the CMMC Churns" episode so everyone can benefit.

Tips about FIPS Part 2

Key CMMC Sites

Key References

Key Acquisition References

Other Key Sites

Recent Posts

Social Contact

As the CMMC Churns

We share our knowledge and experiences as a CMMC 3rd Party Assessment Organization (C3PAO) via the "As the CMMC Churns" episode so everyone can benefit.

Tips about FIPS Part 2

Key CMMC Sites

Key References

Key Acquisition References

Other Key Sites

Share This Content!

Related Posts

3.10.6 Alternate Work Sites

The Three Types of Evidentiary Objects

Your SSP Sucks, Seriously.

Requirements have Relationships

Approve, the Forgotten Verb

Recent Posts

Social Contact