One of the challenges that IT Professionals face when planning for an acceptable "Bring Your Own Device" (BYOD) strategy is understanding or measuring the level of security that can be utilized by said devices provided by an organizations employees. Certain devices provide certain levels of security which should be adhered to when planning which device offering will receive which level of access to an organizations data alongside choice of mobile device management software such as System Center 2012 Configuration Manager and Windows Intune. One of the highest levels of security designation that can be bestowed on a North American mobile device is the Federal Information Processing Standard (FIPS) Publication 140-2. The FIPS 140-2 designation, issued by the National Institute of Standards and Technology (NIST), ensures that requirements and standards for cryptography modules that include both hardware and software components are met or exceeded.
Recently, Windows Phone 8 was awarded not only FIPS 140-2 but all nine cryptographic module certificates from the Canadian CSEC validation and US CMVP programs. This is tremendous news for Canadian and US federal government organizations as well as other businesses that require FIPS 140-2 validation for procurement and deployment. This applies to all Windows Phone 8 devices in market and makes Windows Phone 8 one of the very few mobile OS offerings to receive this type of security designation.
The official record of FIPS 140-2 validation certificates can be viewed on the NIST CMVP website. The following is the full list of certificates validating the newly bestowed certification.
- Kernel Mode Cryptographic Primitives Library (CNG.SYS)
- Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)
- Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)
- Enhanced Cryptographic Provider (RSAENH.DLL)
- Boot Manager
- BitLocker Windows OS Loader (WINLOAD)
- Code Integrity (CI.DLL)
- BitLocker Windows Resume (WINRESUME)
- BitLocker Dump Filter (DUMPFVE.SYS)