Druva, the leader in converged data protection, today announced it is the first organization to provide FIPS-enabled endpoint data protection in the AWS GovCloud (US). This first-of-its-kind support now enables Druva’s top-rated data protection and governance solution in the cloud. In addition, the solution ensures government agencies and contractors that must adhere to the FIPS 140-2 encryption standard now have the ability to meet the technology requirements for running sensitive workloads in the cloud. Druva is incorporating both device level FIPS-validated encryption modules for the secure transmission of data and also leveraging AWS GovCloud (US) FIPS-enabled endpoints and storage, simplifying the data protection process for organizations needing to adhere to the FIPS standard.
“We’ve seen a sharp increase in interest from government agencies and contractors for endpoint data protection in the cloud as part of the US government’s cloud-first initiative. Public cloud environments like AWS’ GovCloud (US) have been a huge step in the right direction, but the lack of software vendors meeting their unique data processing requirements has created barriers to adoption,” said Jaspreet Singh, CEO of Druva. “By bringing together GovCloud with FIPS support, Druva becomes the first data protection and governance solution that can be utilized by these organizations, ensuring they meet the standards set forth by NIST.”
The US Cloud First policy requires that government agencies take full advantage of cloud computing to improve IT flexibility, boost operational efficiency and minimize costs, correcting some of the current IT issues related to duplicative systems, low asset utilization and fragmented, dispersed resources. FIPS (Federal Information Processing Standards) includes publicly announced security standards developed by the US federal government for computer systems used by non-military government agencies and government contractors. GovCloud is an isolated AWS (Amazon Web Services) region for government agencies, contractors and educational institutions to run sensitive workloads in the cloud by addressing their specific regulatory and compliance requirements. The FIPS 140-2 standard is published by NIST (National Institute of Standards and Technology) and outlines the requirements that federal agencies and departments must adhere to when using technology that uses encryption for transmission and storage of their data.
Government agencies often face vendor roadblocks around a lack of FIPS support when trying to move to the cloud; FIPS support must exist throughout the cloud environment at the infrastructure level through to the application level. By combining AWS GovCloud (US), a specialized instance of Amazon’s cloud services that is FedRAMP and FIPS-compliant, with Druva’s added FIPS support for its flagship inSync product, organizations can now be compliant throughout the stack, leveraging Druva’s data protection and governance capabilities in the process.
Druva’s end-to-end FIPS support within GovCloud offers:
- FIPS Data Transmission: FIPS-validated modules on mobile devices that enable transmission of data to AWS’ GovCloud (US), which will receive data through a FIPS- validated SSL terminating point
- AWS GovCloud (US): An isolated AWS Region designed to allow US government agencies and customers to move sensitive workloads into the cloud by addressing their specific regulatory and compliance requirements, the AWS GovCloud (US) framework adheres to US International Traffic in Arms Regulations (ITAR) as well as the Federal Risk and Authorization Management Program (FedRAMPSM) requirements
- FIPS Data Storage: Once within the GovCloud environment, unique block data is encrypted and stored within S3 object storage using Druva’s patented data duplication capabilities, adding additional layers of protection to customer data
Druva inSync is the market leader in endpoint data protection and governance; the solution integrates scalable, high-performance endpoint backup, secure file access and synchronization, data loss prevention, compliance monitoring and eDiscovery capabilities in a single platform. This converged data protection strategy – spanning any mix of BYOD or corporate-owned desktops, laptops, tablets and smartphones as well as cloud services, such as Office 365 – dramatically reduces IT overhead as well as enables the organization to take a proactive posture in quickly identifying and mitigating data risks. Analyst firm Gartner recently rated Druva inSync highest overall for three out of three use cases in its 2015 Enterprise Endpoint Critical Capabilities report.
“Security and compliance count as two of the top reasons organizations are moving to the cloud. Protecting critical data within organizations – be it across endpoints, the cloud or across distributed servers – is critical to the success of any enterprise today. Government organizations, being held to additional requirements and specific standards, face the same security and compliance challenges with additional complexities. The Druva solution allows organizations to operate in a secure cloud environment and adhere to standards such as FIPS,” said Henry Baltazar, Research Director for the Storage Channel, 451 Research.
Druva currently deploys on AWS GovCloud (US). Additional FIPS support will be available within 90 days. To learn more about Druva solutions and their support of federal standards, visit https://www.druva.com/solutions/government.
Druva is the leader in converged data protection, bringing data-center class availability and governance to the mobile and distributed enterprise. With a single dashboard for backup, availability and governance, Druva’s award-winning solutions minimize network impact and are transparent to users. As the industry’s fastest growing data protection provider, Druva is trusted by over 3,000 global organizations on over 3 million devices. Learn more at www.druva.com and join the conversation at twitter.com/druvainc.