+10
Closed

FIPS Certification

tzobl 2 years ago updated by Caitlin M Barnes (Product Manager) 2 years ago 7

ConnectWise Control should seek a FIPS certification. It already has FIPS compliance, but our remote support software requires FIPS certification to be used to service law enforcement customers.

Available in Version:
+1

Due to Law Enforcement requirements this is something that would be incredibly beneficial for us too. 

+1

Agreed, this would allow us to support LEAs conveniently!

ConnectWise Control is FIPS-compliant but not FIPS-certified. Our Relay service is responsible for handling traffic to and from your ConnectWise Control server. All traffic is automatically encrypted with AES-256 block encryption and RSA provided by the Microsoft RSA/Schannel Cryptographic Provider. These particular implementations of the AES-256 and RSA algorithms have been designated as FIPS compliant for ConnectWise Control servers on Windows. For more information, see Microsoft's documentation on FIPS 140 Validation.


If you need an official compliance letter, contact Sales at controlsales@connectwise.com.

Is it possible to not use the relay to control the traffic?

*with the on premise version*

Hi Kalebdienelt, 

No, it is not possible to avoid the relay. 

Caitlin