Andrew.Weiss
Author Archives: Andrew.Weiss
- Home → Author's archive:
Andrew.Weiss
Docker Enterprise Edition enters FIPS certification process
Security is a key pillar of the Docker Enterprise Edition (EE) platform. From built in features automatically configured out of the box to a new secure supply chain and flexible yet secure configurations that are portable with the app from one environment to another – enabling the most secure infrastructure and applications is paramount.
In addition to all the security features, ensuring that the Docker platform is validated against widely-accepted standards and best practices is a critical aspect of our product development as this enables companies and agencies across all industries to adopt Docker containers. The most notable of these standards is that of the Federal Information Processing Standard (FIPS) Publication 140-2, which validates and approves the use of various security encryption modules within a software system.
Today, we’re pleased to announce that the Docker EE cryptography libraries are at the “in-process” phase of the FIPS 140-2 Level 1 Cryptographic Module Validation Program.
This is just one of the many initiatives Docker is driving to support agencies in the adoption of Docker and deployment of container applications in a secure and compliant manner. In addition to starting the FIPS certification process, below are the other compliance initiatives to date:
Announcing Federal Security and Compliance Controls for Docker Datacenter
Security and compliance are top of mind for IT organizations. In a technology-first era rife with cyber threats, it is important for enterprises to have the ability to deploy applications on a platform that adheres to stringent security baselines. This is especially applicable to U.S. Federal Government entities, whose wide-ranging missions, from public safety and national security, to enforcing financial regulations, are critical to keeping policy in order.