Keep by Feenics achieves FICAM compliance and GSA listing for government agencies

April 20, 2020
As the federal government gets comfortable with the cloud and strategizes rapid expansion, Feenics stands ready with a fully compliant FIPS 201 solution

Ottawa, Can., April 20, 2020—Feenics announced that its Keep by Feenics™ cloud-hosted access control platform is now certified and approved for government and federal agency use in Personal Identity Verification (PIV) credentialing and Physical Access Control Systems (PACS).

Feenics attained its listing on the GSA Approved Products List (APL) for all versions of Keep after completing the Federal Information Processing Standard (FIPS) 201-2 Evaluation (sometimes called FICAM) Testing Program. FIPS 201 was developed to satisfy the technical requirements of HSPD-12, the Department of Homeland Security’s mandated common identification standard and database for credentialing federal employees and contractors.

After months-long testing, review and validation of the platform by third-party accredited testing lab CertiPath, both on-premise and cloud-hosted server applications of Keep satisfied requirements to become available for procurement by federal entities and listed on the GSA Schedule.

As the government targets the acceleration of cloud-hosted deployments through its Cloud Smart strategy, Feenics has effectively opened new channels of business for its value-added resellers and integrators, said Chris Smith, who leads federal government efforts at Feenics. “Keep was validated against a rigorous, comprehensive set of functional requirements derived from government-wide specifications,” said Smith, adding that more than 300 tests were conducted in an installed simulation at CertiPath facilities.

“This certification affirms the Keep proof of concept as a secure platform for federal government applications,” he added. To maintain this status, Keep Access Control as a Service (ACaaS) software will undergo ongoing evaluation of new and updated versions.

“There’s a cloud-first mentality across U.S. government agencies that will help reduce the carbon footprint of hardware, while improving efficiencies with real-time updates, redundancies and lower maintenance costs,” said Paul DiPeso, Feenics Executive Vice President. “Receiving our FIPS 201 approval and attaining our APL validates the direction of access control in this vertical market.”

DiPeso said the government is heading rapidly in the direction of increased cloud implementation, especially as new IT modernization initiatives emerge. “We believe we can be a major asset to the government’s push to cloud adoption.”

Keep software integrates directly with the Authentic Mercury Security controller that authenticates the PIV credential, rather than a separate communication module, further reducing the installed hardware footprint.

“As the cloud and serverless environment proliferates in the government space, there’s a move to lessen reliance of onsite hardware,” said Matt Barnette, President of Mercury Security. “Having enterprise-enabled access control solutions like Feenics using HID’s pivCLASS solution via Mercury’s LP4502 controller brings additional applications to installers and customers alike.” (Feenics is a Platinum Partner to Mercury Security, an HID company.)

Feenics continues to fortify its position as an ACaaS market leader, certified as an International Organization for Standardization ISO 9001:2015 company. In addition, the company recently received a 2020 Platinum Govies Award from Security Today in the Access Control Software/Controllers category.

Note: To obtain a letter of supply for the FIPS 201 APL contact Chris Smith at Feenics at [email protected].

About Feenics

Feenics is the maker of Keep, a cloud-hosted platform that provides extreme scalability, unprecedented flexibility and advanced security in ACaaS applications. It integrates native visitor management and a RESTful API that allows systems installers simple integration of a wide array of complementary systems and open hardware devices, generating new revenue streams while creating a path for customers to lower their total cost of system ownership. Keep by Feenics gives users the choice of on-site servers or offsite cloud deployment, hosted by the public cloud Amazon Web Services. Keep significantly minimizes costs through simple, maintenance-free and automatic upgrades, patches, disaster recovery and back up.

Feenics, headquartered in Ottawa, Canada, is paving the way for the future of physical security with innovative cloud-based access control solutions developed by industry veterans. We make it possible for organizations to systemically secure buildings, doors and assets with Keep by Feenics, an access control as a service (ACaaS) platform built specifically for and hosted in the public cloud.

The powerful UI is accessible via an evergreen Windows desktop app, web client and mobile apps.  Using open field hardware by Mercury, Feenics works with industry leading video, intrusion and wireless lock manufacturers and delivers these robust solutions through its integration channel partners around the world. 

Cyber-readiness is critical, and Feenics accomplishes this through TLS 1.2 encryption, eliminating inbound ports at client sites, use of multi-factor authentication, third-party security testing (Veracode) and no default passwords.  Keep reduces the total cost of ownership (TCO) by eliminating traditional on-site servers, while providing high availability, redundancy and a full disaster recovering environment.  Built for the SMB to Enterprise client, with its multi-tenancy capability, while using Amazon Web Services’ availability zones and horizontal scalability.  For more information, visit