Creating automations that are Federal Information Processing Standard (FIPS) compliant
Pega Robotic Automation 8.0 SP1 and later is compliant with Federal Information Processing Standard (FIPS) 140-2 standards. FIPS is a set of cyber security standards that are defined by the National Institute of Standards and Technology (NIST) and are used by the United States and Canadian governments. The FIPS standard defines the minimum security requirements for securing sensitive but unclassified information. FIPS is mandated in some government agencies and is optionally followed in commercial and non-governmental organizations.
The FIPS 140 standard defines the approved cryptographic algorithms that you can use and establishes the requirements for generating and managing keys. For more information about FIPS, see the National Institute of Standards and Technology website. For more information about how Microsoft operating systems handle FIPS validation, see FIPS 140 Validation.
To enable FIPS-compliant encryption on Windows, log in as an administrator and apply a local group policy setting or by editing a registry key.
- Enable the system cryptography use FIPS-compliant algorithms for encryption, hashing, and signing in the Local Policy security options.
- Change the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy Windows registry entry to ‘1’.