Your browser does not allow storing cookies. We recommend enabling them.

SSH Communications Security Meets U.S. Federal Government Security Assurance Standards


Crypto Module in SSH Communications Security’s CryptoAuditor Solution Meets Stringent Government Standards

HELSINKI and WALTHAM, Mass., Dec. 18, 2014 – In their ongoing efforts to steal sensitive data, hackers and malicious insiders are using encrypted channels to hide data exfiltration. SSH Communications Security today announced that its CryptoAuditor solution uses a crypto module that has achieved Federal Information Processing Standard (FIPS) 140-2 certificationfrom the National Institute of Standards and Technology (NIST). CryptoAuditor can now be used by national agencies in the U.S. and Canada that use cryptographic-based security systems to protect sensitive information. For more information, visit

Unmonitored, uncontrolled and unaudited encrypted channels leave organizations vulnerable to malicious insider threats:

  • Preventing data loss: CryptoAuditor helps prevent data loss across encrypted channel traffic with inline, real-time and transparent audit capabilities for federal agencies, retailers and other organizations transmitting sensitive information.
  • Interactive and automated: CryptoAuditor can intercept, monitor, record and replay the content of the most common data-in-transit encryption protocolsused in network environments for interactive and automated sessions.
  • Reducing risks: Expanded support enables organizations to monitor and control SSL/TLS,Secure Shell, SFTP and RDP connections, closing security gaps and reducing the risk posed by advanced external threats.
  • Independent validation: To achieve FIPS 140-2 validation, cryptographic modules undergo stringent testing by independent, accredited test facilities.
  • Recognized worldwide: FIPS 140-2 certification is also recognized in Australia and Europe. SSH is working with security standardization bodies in the U.S., Europe, Asia and beyond to ensure that its products meet compliance standards.

Matthew McKenna, COO, SSH Communications Security, said:

“Just as hackers are relentless in their attacks, federal agencies must be relentless in their efforts to safeguard sensitive information. These agencies must comply with the most rigorous standards available, which is why FIPS 140-2 assurance is so important. We are proud to provide the security assurance government agencies need for preventing misuse of encrypted channels.”

About SSH Communications Security

SSH Communications Security is the market leader in developing advanced security solutions that enable, monitor and manage encrypted networks. Over 3,000 customers across the globe trust the company’s encryption, access control and encrypted channel monitoring solutions to meet complex compliance requirements, improve their security posture and save on operational costs. SSH Communications Security is headquartered in Helsinki, Finland and has offices in the Americas, Europe and Asia. The company’s shares (SSH1V) are quoted on the NASDAQ OMX Helsinki.

Want to see how PrivX can help your organisation?

Are you a DEVELOPER accessing cloud hosts, are you a IT ADMIN managing access & credentials in your corporation, are you BUSINESS MANAGER and want to save money or are you responsible of IT SECURITY in DevOps