Citrix Endpoint Management

FIPS 140-2 compliance

The Federal Information Processing Standard (FIPS) is issued by the US National Institute of Standards and Technologies (NIST). FIPS specifies the security requirements for cryptographic modules used in security systems. FIPS 140-2 is the second version of this standard. For more information about NIST-validated FIPS 140 modules, see the NIST Computer Security Resource Center.

All data-at-rest and data-in-transit cryptographic operations on iOS use FIPS-validated cryptographic modules. On Android, all data-at-rest cryptographic operations use FIPS-validated cryptographic modules provided by Citrix or the platform’s crypto modules provided by the device manufacturer. Contact your Citrix representative for more information on device manufacturer’s modules.

All data-at-rest and data-in-transit cryptographic operations for Mobile Device Management (MDM) on supported Windows devices use FIPS-validated cryptographic modules.

All data-at-rest and data-in-transit cryptographic operations for Citrix Endpoint Management MDM use FIPS-validated cryptographic modules. All data-at-rest and data-in-transit for MDM flows use FIPS-compliant cryptographic modules end-to-end. That security includes the cryptographic operations described above for mobile devices, plus the cryptographic operations between mobile devices and Citrix Gateway.

The MDX Vault encrypts MDX-wrapped apps and associated data-at-rest on both iOS and Android devices using FIPS-validated cryptographic modules.

FIPS 140-2 compliance