FIPS (Federal Information Processing Standards) [1] defines a set of public security standards developed by NIST (National Institute of Standards and Technology) [2] that govern the security requirements for cryptographic modules used in government systems. FIPS 140-3 is the latest federal security standard, which includes state-of-the-art protection for deployment environments, such as the cloud, where the system could potentially be physically accessed by untrusted parties.
Why is this important (or even relevant) for common (non-federal) workloads? Different security frameworks cater to specific domains or regions, focusing on safeguarding sensitive individual data used in those domains (e.g., name, age, and medical history in the healthcare domain or name, credit, loan, and tax records in the financial domain).
