A great little story came out a couple of weeks ago regarding the Federal Information Processing Standards (FIPS) Validation process, and it definitely bears repeating. In the article, the author compares not using FIPS Validated cryptography to “opening a savings account at a bank without the FDIC’s $250K-per-account guarantee. You could do it, and it might work, but why take the risk when a safer option is available for no extra charge?”

Although there are no absolute guarantees in data security, FIPS is a great starting point for validating that a vendor is using proper security standards in the cryptographic design of its products. Another testing standard, Common Criteria, is even more rigorous in its testing.

If your choice for an IT security product or application boils down to two options, one FIPS Validated product and one non-FIPS Validated product, choose the FIPS product every time. It’s a no-brainer.

Written by Kanguru — October 31, 2012

