
FISMA, FedRAMP, and FICAM

To combat outsider attacks and insider threats and ensure all sensitive information is secure, there are a number of information security regulations and processes that government agencies must follow, including FISMA, FedRAMP, and FICAM.

Utimaco HSMs as Root of Trust for Government Regulatory Compliance

Our communities, economy and national security rely on our government’s ability to keep confidential information out of the hands of nefarious parties. As government agencies continue to move sensitive data to digital storage and cloud computing, the regulatory landscape is expanding and open to more vulnerabilities. FISMA, FedRAMP, and FICAM are some of the compliance mandates and frameworks that government agencies must follow in order to ensure the security of their sensitive information and to effectively defend against cyber attacks and insider threats.

Utimaco’s general purpose hardware security modules (HSMs) provide secure storage and processing of sensitive cryptographic data, creating a secure root of trust for an agency’s public key infrastructure (PKI) systems. These appliances serve a multitude of regulatory agencies and affiliated vendors, are accredited at FIPS 140-2 Level 3 or Level 4 (physical), and are certified against Common Criteria.

Utimaco’s Enterprise Secure Key Manager (ESKM) provides a FIPS 140-2 Level 2 certified key management solution. The ESKM creates, protects, serves, and audits access to encryption keys on tamper-resistant hardware. Both Utimaco HSMs and ESKMs support classical and post-quantum cryptographic algorithms and are fully compliant with FISMA, FedRAMP and FICAM.

Compliance Requirements for Government Agencies

Federal Information System Management Act (FISMA)

FISMA was passed by Congress in 2002 and amended in 2014 as part of an effort to ensure protection of sensitive information by the US government. FISMA compliance applies to all US government agencies as well as organizations in the private sector doing business with the US government.

The security controls that government agencies and contractors should apply for FISMA compliance are outlined in a set of NIST publications, including:

  • NIST SP 800-53
  • NIST SP 800-171
  • FIPS 199
  • FIPS 200

Federal Risk and Authorization Management Program (FedRAMP)

FedRAMP is designed to ensure that government data and applications placed in the cloud are appropriately secured. The FedRAMP requirements are based upon the NIST 800-53 security controls, which include families such as:

  • Access Control
  • Audit and Accountability
  • Contingency Planning
  • Identification and Authentication
  • Systems and Communication Protection

Federal Identity, Credential, and Access Management (FICAM)

FICAM is an effort by the US government to standardize the use of identity, credential, and access management solutions across all government agencies. The first goal of FICAM is to strengthen the federal government’s information and physical security, which includes objectives focused on building a secure, usable system for authenticating users to government systems and resources.

Achieving Compliance with Utimaco Solutions

Protecting access to sensitive government data requires the ability to securely and accurately identify and authenticate users before granting access to systems or resources. Utimaco CryptoServer HSMs and ESKMs fulfill the following requirements for agencies to be compliant.

  • Create user authentication tokens: User authentication tokens are built around a secret value that must be secured in order to be effective. Ensuring that a malicious user cannot build fake but valid authentication tokens requires protecting the underlying secret. CryptoServer enables secure storage of cryptographic secrets and includes a number of built-in cryptographic algorithms, enabling secure generation of authentication tokens within tamper-resistant hardware.
  • Manage user certificates: Public key infrastructure (PKI) is based upon a hierarchy of user keys and certificates, where certificate authorities (CAs) higher in the hierarchy can create valid certificates for those below them. Since these certificates can be used to authenticate users, protection of the private keys used to create them is essential. CryptoServer can store the private keys of CAs and perform certificate creation and signing in a secure environment, protecting these keys from being compromised.
  • Implement access controls: Protecting access to sensitive data and functionality requires the ability to securely authenticate users and validate their authorization to access protected resources. CryptoServer enables authentication of users through password-based systems, built-in multi-factor authentication (MFA), and integrations with numerous PKI management systems.
  • Store database encryption keys: Database encryption helps to ensure that an attacker with access to an organization’s systems cannot access sensitive data stored on those systems. However, this encrypted data is only as secure as the encryption keys used to protect it. Utimaco Enterprise Secure Key Manager (ESKM) can securely store database encryption keys and perform data decryption within a protected environment, ensuring that secret keys never leave an organization’s control.

Utimaco’s CryptoServer HSMs and ESKMs provide secure storage and processing of sensitive cryptographic data, creating a secure root of trust for an agency’s public key infrastructure (PKI) systems. This provides a strong foundation for government agencies and contractors to build solutions for FISMA, FedRAMP, and FICAM compliance.

Utimaco
© 2021