Virtru uses AES-GCM encryption with 256-bit keys for all encrypted content, covered under the FIPS-197 standard. This is a strength of protection that exceeds NIST baseline requirements.
Virtru also requires all connections to enforce "Elliptic curve Diffie-Hellman" - or ECDHE - to protect the confidentiality of communication channels, including key exchanges. This is not required under FIPS, but is considered the very best practice available.
AES-128 is approved for protection of US Government Secret data, and Virtru's use of AES-256 GCM mode is sufficient to protect Government Top Secret data under NSA's Suite B.
These measures are all implemented to ensure we exceed all current minimum requirements allowing for the protection of data that is far more future-facing.
With the above stated, FIPS 140-2 validated modules are available for use in Virtru's encryption products. These are included by default for Microsoft Outlook and can be accessed by enabling FIPS mode within the operating system. Our Android and iOS apps also include FIPS 140-2 modules by default. For Virtru's Chrome browser extension and Gateway products, FIPS mode must be enabled administratively by a Virtru employee. In some instances of the Gateway, we may require that you work with a Virtru engineer to implement FIPS 140-2.
If you have a specific need to downgrade from the implemented FIPS 197 suite to FIPS 140-2 please contact your Virtru representative or Virtru Support.