Home > Compliance > FISMA Compliance
Print PagePrint this Page

FISMA Compliance


What is FISMA?
The Federal Information Security Management Act of 2002 is a United States federal law enacted in 2002 as Title III of the E-Government Act of 2002. The act recognizes the importance of information security to the economic and national security interests of the United States.

Who is affected by FISMA?
FISMA assigns specific responsibilities to Federal agencies, the National Institute of Standards and Technology (NIST) and the Office of Management and Budget (OMB) in order to strengthen information system security. In particular, FISMA requires the head of each agency to implement policies and procedures to cost-effectively reduce information technology security risks to an acceptable level.

Federal agencies, contractors, and any other company or organization that uses or operates an information system on behalf of a federal agency must comply with FISMA regulations. In other words, FISMA affects companies that do business with government agencies.

How do agencies comply with FISMA?
FISMA explicitly emphasizes a risk-based and cost-effective approach to securing information and systems, to identifying and resolving current IT weaknesses and risks, and to protecting against future vulnerabilities and threats. An agency must understand its security posture and close the gaps.

Though scores vary from agency to agency, compliance has been a challenge overall. In both 2004 and 2005, federal agencies received an overall FISMA grade of D+ for IT security.

How does CipherOptics help with FISMA compliance?
CipherOptics' CipherEngine provides a comprehensive data protection solution that ensures the confidentiality, authenticity, and integrity of any data in motion, thereby mitigating the risk of data loss or theft.

The CipherEngine solution allows organizations to encrypt data across the network or the entire computing infrastructure using a global policy and key manager along with both hardware and software-based encryption enforcement points. The CipherEngine data protection solution offers best-of-breed performance, elegantly simple installation and management, and breakthrough scalability. CipherEngine gives you the power to protect data in motion wherever, however and whenever you want, without changes or disruptions to your network, your infrastructure, or your operations.

For more information or to learn how CipherOptics can help you protect your sensitive data as it moves across any network, call us at 1-877-878-6655 or feel free to ask us a question.

Learn more about FISMA Compliance

Learn More About:
Scope of Audit Reduction
Application Domain Security
Network Encryption

Helpful Resources
Full text of FISMA