FACT-N-FICTION

[matrix]

Robtff is correct. FIPS 140-2 is for sensitive or unclassified systems. For systems processing classified info, NIAAP (aka NSTISSP) #11 applies. A DoD EMall listing is not an authority source. Try the CCEVS NIAP Validated Products List.

Moving past the standards, the claimed contract makes no sense to me. Homeland Security Department has 180,000 or so employees. These folks are located all around the US and in foreign countries. I don't think any large government entity would ever buy CKYS' type of products in bulk for units spread out across a huge geographic area. At best, they could award a common contract where employees would order from as needed.

Probably half of DHS' employees work in a classified environment. I can't see DHS giving each or most a flash drive. Rather than stealing a couple classified docs at a time, a person could take literally a small library.


NIAAP = National Information Assurance Acquisition Policy
NSTISSP = National Security Telecommunications and Information Systems Security Policy