IronKey

Mobile Data Security Blog

Home  »  Archive by category "Cybersecurity"

by

Ready for Windows 10? IronKey Windows To Go is Windows 10 Ready

 

Windows 10 is just around the corner— with Terry Myerson announcing on Blogging Windows that Windows 10 Enterprise will be available to Volume Licensing customers beginning August 1st. The release of Windows 10 appears to be one of the most exciting releases for enterprise customers with a long list of compelling new features for security, update, and management flexibility. There are lots of good posts out there detailing predictions on what will be delivered in Windows 10 Enterprise, but in tandem with end user experience updates like the return of the Start Menu, this is the version of Windows we’ll all standardize on over time.

Windows 10: Go Ahead and Give it a Try!

Windows To Go remains a bright spot and as a key benefit of Software Assurance (and VDA licenses), the momentum will continue. As we announced at Microsoft Ignite, IronKey Windows To Go devices are now fully ready for Windows 10!  So what exactly does that mean?  If you have an IronKey Windows To Go device, you can install Windows 10 now.  Whether you’re testing builds from the Windows Insider Program or waiting for the first releases on August 1, IronKey’s Windows To Go devices can be deployed straightaway. We’re using our IronKey W300 and W500 devices to explore and test Windows 10 functionality for ourselves so feel free to give it a try.

blogpic

If you’ve purchased our Mass Provisioning Tool and our scriptable Command Line Utility to produce many devices simultaneously, we are currently testing in this environment and will provide more information as we learn more. To date, the only restriction we’re seeing is that you’ll need to build Windows 8.1 devices from a Windows 8.1 PC, and Windows 10 devices from a Windows 10 PC.   From our testing efforts, and as we make use of the Windows DISM for some operations, we are seeing a need for version consistency with the current version of our tools. We’ll continue to investigate in order to make any updates as our testing proceeds. 

In short, IronKey Windows To Go is ready for Windows 10.

Haven’t Experienced Windows To Go? 

For those who haven’t yet experienced Windows To Go and want to give it a try, we’re offering a Windows To Go Intro Kit on our eStore.   Each Windows To Go Intro Kit features a 32GB IronKey Workspace W300 device with a 90-day trial version of Windows 8.1 pre-loaded, a right-angle USB adapter, and an IronKey lanyard for $89.00.  To purchase, visit IronKey eStore.  The kits will soon be available with Windows 10. 

Need to Learn More About Microsoft Licensing?

On an additional note, I’m often asked about licensing Windows for Windows To Go so I will be covering that in my next blog post. Here’s the simple summary— most Volume License holders have Software Assurance so they’re ready to deploy. If you’re not sure, I’ll be covering licensing in detail next month so please check back with us.  

by

LATEST DATA BREACH: EVERY U.S. FEDERAL EMPLOYEE AFFECTED

 

Our special guest blogger is Tav Venia, an IronKey sales engineer, who is based in the Washington DC area and serves our Federal and Enterprise clients. 

Unfortunately, we’ve all heard about the hack on the personnel records and social security numbers for more than 4 Million+ Federal Employees at a U.S. Government Agency.  Data lost, stolen, or hacked:  it just represents another failure to protect our federal data.  For this, and many other reasons, now more than ever it’s imperative that all types of data is securely protected— federal, classified, FOUO (For Official Use Only), defense, employee, personal, etc.   Now is the time to get out in front of any and all possible threats and attacks to assure ourselves that our data is safe and secure from what can turn into “Tomorrow’s Headline”.   

Government employees are more mobile— working in the office, in the field and from home— which increases the potential for even more data exposure risks.  The ability to securely store and transport data while on the move is a necessity.  As the Federal Team Sales Engineer, I see how our U.S. Government and Agency customers are using the IronKey™ line of hardware encrypted hard drives to securely store and protect their sensitive information, among many, many other reasons.  But with the release of our newest hard drive, the IronKey H350, government agencies can enjoy the speed and performance advantages of USB 3.0 technology while realizing the benefits of the world’s most secure USB devices including FIPS 140-2 Level 3 certification, AES-XTS 256-bit hardware encryption and centralized management.    

Our customers can now save, backup and move data wherever they may be much more rapidly taking advantage of the USB 3.0 speeds.  As technology advances, data files are exponentially growing in size, the ability to securely store and move data quickly and efficiently from the field back to the government or agency office is of even greater importance.  Forgotten password?  No worries. On managed enterprise hard drives, IronKey provides the only secure password reset mechanism that allows users to recover data without erasing the contents on the drive or using a backdoor to reset the password.  Additionally, when data is not being access or used, the IronKey H350 can protect and secure Data At Rest (DAR), another use case of importance to our U.S. Government and Agency customers.  

Personally, with my job, I am constantly on the move traveling from place to place.  I use the IronKey H350 to back up all of my laptop data because we have all been there when Windows crashes and/or becomes corrupted giving us the Blue Screen of Death (BSOD) rendering our data lost and unrecoverable.  This can be a result of a Windows error or a simple drop of your laptop which damages the hard drive.  I don’t ever want to be caught in a situation where I don’t have a backup of my data.  Thanks to my IronKey H350 USB 3.0 hard drive, it now takes less than an hour to back up all of my data, a process that used to take many hours using a USB 2.0 Hard Drive.

by

Keeping Patient and Hospital Information Safe

In September 2014, Forrester Research published a brief titled “Stolen and Lost Devices Are Putting Personal Healthcare Information at Risk”. Amongst the findings were two important trends:

Healthcare is becoming more mobile – approximately one-third of healthcare employees now work outside the office or clinic at least once a week.

Healthcare records are five times more likely to be lost due to device theft or accidental loss.

Today, personal healthcare information (PHI) records are more accessible than ever before. These PHI records contain important personal information such as social security numbers, medical history, and insurance information. Technological progression in the medical world is giving us advancements such as real time medical data on our smartphones and mobile messaging systems so hospital staff can get to patients faster. Although this progression is exciting, with all of this patient information floating around in technology, it makes it harder to keep our data safe.

With so much mobility, it’s not surprising that data protection has become a big problem. Mobile devices are simple to carry from one workplace to the next, but they can be easy to lose. To protect our data, we need a way to prevent unauthorized people from accessing the content of a lost or stolen device.

The solution is to use encrypted USB or external hard drives, such as the new IronKey™ S1000 3.0 USB. These secure storage devices combine encryption, which encodes data, making it unreadable to all but authorized users, with cloud-based management functionality that enables an organization to remotely wipe data from a device even if it is no longer in their possession.

Healthcare facilities need to address the realities of mobile work practices but they also need to protect the information in their care. The task is made a lot easier with a good device policy and the right tools.

by

The Age of Hacking

In today’s digital age, teaching children to code seems like a fantastic idea. Children are already spending huge amounts of time using technology, whether it’s a laptop, smartphone or tablet device and these IT skills can be essential in their future careers. However, whilst we must help a new generation of competent workers prepare for the digital world, how can we make sure that children will use their coding and programming skills for good and not evil?

Over the past years we’ve seen a number of technological innovations aimed at equipping children with basic programming and coding skills – from the Raspberry Pi to the recently launched Hackaball, a programmable ball aimed towards 6-10 year-old children. This demographic has been a key target for the UK government who have dominated the primary computing curriculum since September 2014.

However, with these skills being so easily transferrable to illegal activities such as hacking and cybercrime, how can we ensure that the lure of mischief, malice and money won’t sway children to ‘the dark side’? In January of this year, a seven-year-old girl hacked a public Wi-Fi network in just over ten minutes by learning how to set up a rogue access point to activate what is known as a ‘man in the middle’ attack. We know that this is already happening – hackers as young as 16 years old have been arrested for cybercrime, and the Home Office has warned that young video game hackers could be the next generation of cybercriminals.

So how can we tackle this? When it comes to children and young adults, the first place to start is at school and at home. Responsible adults, teachers and parents have a duty to ensure that their children, or pupils, are not engaging in criminal activity, and this is no different in the cyber world.

However, the problem we encounter here is the massive gulf between adults and children when it comes to understanding technology. An Ofcom survey released in August last year found that younger people have a far more advanced understanding of technology devices than adults – with 6 year olds having the same level of knowledge as the average 45 year old. In fact, teenagers aged between 14-19 years old are the most digitally confident in the UK.

If teachers and parents are to monitor and guide young people’s use of technology and make sure they’re not becoming involved in cybercrime, they must first be able to understand the technology themselves.

Secondly, we must consider the types of devices and technology that young people are using and put appropriate security measures in place to limit the possibility of malicious use. Technology like the Windows To Go USB Flash Drive would give young coders a replica desktop, just like the one they have at school, that they can take home and use on any device, without affecting or accessing the data and operating system sitting on that device. With a Windows To Go device it’s very easy to manage activity. The school can control the transfer of information and wipe, delete, monitor actions on the device, this way, the youngsters can hone their coding skills without being able to get in trouble by conducting activities outside the school’s remit.

What is clear is that we must not discourage children from learning these skills – they are absolutely essential for future employment and also play an important role in their everyday socialising with their peers. We must also accept that we cannot stop this evolution. Children are already learning these skills, with or without your knowledge and input, so the best we can do is to help shape that knowledge and put them on a good path.

by

The Value of Encryption

With high profile security breaches such as the iCloud hack and the leak of celebrities’ private photographs hitting the headlines, the concern for the security of our own personal information and sensitive data is mounting. Apple’s response to the data breach was to increase the level of security following the incident with the introduction of default encryption on phones, demonstrating the importance of encryption as a safeguard to protect data.

Encryption is simply the translation of data into code, using a defined algorithm, and is considered one of the most effective means of ensuring data security. Access to encrypted files requires a key or password that enables you to decrypt it by restoring it to its original form. Whilst most data transmitted over a network is sent in clear text, by incorporating encryption algorithms, users can protect data and make sure that only the intended recipient can decode and read the information.

Although there are many different types of encryption, they all serve the same purpose: to keep our data protected and secure. Storing any sensitive information is inherently risky, but in order to do this effectively, action must be taken to reduce the risks of inappropriate disclosure.

Given that a large amount of data can be stored on USB’s, smartphones and tablets, there is a real danger that personal information could be compromised should such a device end up in the wrong hands. We recently published research which found that over one third of respondents would look at, or try to open/access a device if they found one , showing that even when mislaid devices are found by conscientious members of the public, the devices may be examined and opened.

The problem is that users want devices that are easy to manage, hassle-free and allow them to go about their lives securely. Measures such as optional encryption do not fit into this lifestyle. Users will not hunt down new security features, either because they don’t know they need them, or perhaps think they already have them.

Whether it is personal or corporate data, security needs to be a necessity, and users should be provided with everything they need to protect their intellectual property.

For businesses, encryption can be a simple and effective means to protect sensitive information. Being able to manage and track the encrypted data, knowing who has accessed it, from what location and on what devices that information resides is also essential.

A Windows To Go device is a securely encrypted, IT-managed USB drive that gives businesses control over what happens to sensitive data, and is easy to use. It contains a fully functional corporate Windows desktop. Employees insert the Microsoft certified USB drives into their home computers, hot desks, or tablets that feature USB ports, and they receive a secure desktop and secure access to all applications and data they use in an office setting.

Unlike a virtualised or online remote access solution, the portable workspace offers full host computer isolation, meaning documents cannot be saved to the host machine but are saved to the USB drive, which can be locked down and remote wiped if required, and all data will remain secure without the threat of a potential data breach.

Encryption is a valuable and essential tool for securing your data. Don’t give users the opportunity to be unprotected; security needs to be a default – not an option.

by

Thwarting the Insider Threat

 

Autumn is returning, reluctantly we’re turning our back on summer, and we are looking forward to the Holiday season. Undoubtedly, this comes with increased people taking vacations, working remotely, and the unlucky few taking their laptops on holidays. For many organizations, this is pretty risky business because the sensitive corporate information is now travelling along with their employees. Although many organizations rarely expect their loyal employees to steal company data, many are prepared for security attacks.

Following the Edward Snowden revelations in 2013, IT departments are now tasked with monitoring potential insider threats. Snowden’s work with US intelligence agencies put him in the position of a highly trusted employee, providing him with everything he needed to accomplish what he set out to do. There were no measures in place to prevent what was possibly the biggest information leak in the history of the US.

The risks come from those who intentionally misuse their access to data to cause a detrimental impact on the confidentiality and integrity of sensitive information.

Although there are a number of routes to secure intellectual property, if the authorities, from whom Snowden was stealing from, had a manageable and encrypted flash drive, such as an IronKey™ Windows To Go drive, they could have tracked the information from anywhere. Any activity on the drive could have been monitored from an on-premise or cloud-based management service. This would have ensured them the ability to restrict where the device could be used, or resort to remotely locking it down, so no one could access the data.

If data isn’t encrypted, its integrity can easily and quickly be compromised, and therefore it is essential to know where, and who, is accessing information. This can be difficult across a fragmented IT environment, however, companies need to be confident that if a device is considered to be compromised, they can remotely lock it down, wipe it, or initiate a self-destruct sequence to remove the data, to protect themselves and their stakeholders.

Protecting intellectual property should be a priority for all organizations. Disabling outdated user accounts when employees exit an organization, implementing policies with privileged account passwords, updating them regularly and limiting access to corporate systems, are all crucial to keeping data secure. That’s where the Windows to Go Drive comes in:  a secure, IT-managed, Microsoft certified USB drive that contains a fully functional corporate Windows desktop. Employees insert the Microsoft certified USB drives into their home computers, hot desks, or tablets that feature USB ports, and receive a secure desktop  as well as secure access to all applications they use in an office setting.

Unlike a virtualized or online remote access solution, this portable workspace offers full host computer isolation, which means documents cannot be saved to the host machine, but are saved to the USB drive.

This way, all data will remain secure without the threat of a potential data breach ensuring safety for all!

 

IronKey Workspace W700

by

The Cost of Cybercrime

 

Hackers are holding the world to ransom with cyber-attacks costing the global economy more than £238 billion a year¹. These attacks damage the global economy almost as much as illegal drugs and piracy, with financial losses from cyber theft resulting in a potential 150,000 European job losses.¹ Cybercrime is a growing menace which is proving to be an ever growing challenge for individuals and businesses. US retailing giant Target saw its earnings drop 46% after an attack that leaked more than 40 million customer credit card details², whilst eBay and Office have also been ‘hit’ this year, with customer data compromised.

Despite these devastating implications, the public, corporates and their employees continue to be careless with their valuable and highly confidential data –residing on laptops, tablets and mobile devices. Cyber espionage and theft of individuals’ personal information is believed to have affected more than 800 million people during 2013¹, and our mobile working culture has made data security an even greater challenge.

With IDC estimating that over one million smartphones were shipped last year³, someone somewhere in your company is using a personal, mobile device to connect to a corporate network and download sensitive data – making your organization a sitting target for cybercriminals. Companies must equip their employees with the means to protect corporate data from threats such as identity theft and cyber espionage, whilst mitigating the dangers associated with unsecured devices and free Wi-Fi hotspots.

Mobile devices need to maintain the same high levels of security as office-based desktops and servers, with only IT provisioned laptops or tablets connected to corporate networks. But, the best way of ensuring hackers can’t gain access to your company data, is by storing all your data on a secure fully encrypted Windows To Go USB flash drive. It provides employees with an IT managed and provisioned Windows workspace that replicates their secure office desktop environment, on any device that the USB is plugged into. This also means IT departments do not need to deploy individual computers but rather can deploy the Windows To Go workspace on USB drives which saves time, resources and introduces vast cost savings.

Staff awareness plays a crucial role in protecting the company network against cybercrime. Often under-estimating the inherent security risks of using personal devices in the office, employees must be educated to handle these responsibly – on a proactive, ongoing basis rather than waiting until a security breach occurs, when it’s too late.

With so many high profile security breaches making the headlines, organizations want to know that corporate data is secure at all times, regardless of where it resides, whilst employees need the flexibility to work remotely. Cybercrime can have a devastating impact on your business in terms of cost and reputation. Your organization can’t afford to be tomorrow’s headline…

 

Sources:

¹McAfee report, June 2014 – Net Losses: Estimating the Global Cost of Cybercrime

² http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data

³ International Data Corporation (IDC)Worldwide Quarterly Mobile Phone Tracker, Jan 2014

 

 

 


 

 

 

by

Travel Light and Secure

 

Hi, I’m Peter. I’m a Senior IT guy working for a big, growing enterprise.  I set the strategy and I’m responsible for the execution of IT infrastructure in my organization.   I need to worry about cost, security, and keeping my customers happy. We have pretty solid IT processes leveraging Microsoft tools, so I’m not about to set my IT team on some wild new solution that requires years to integrate. Recently, after a big meeting with the execs on cutting costs, I came across Windows to Go from Microsoft. Here is a solution that is secure, can save tons of money, make my customers happy, and fits into my IT workflow – Freakin’ SWEET!  My CISO stood up and applauded when I presented this to senior MGMT.  Needless to say I’ve become a big fan. In fact, they call me Windows To Go Guy around here. There are so many ways to apply this technology across my organization. I don’t get a commission on this stuff – I just love cool technology that makes sense. Here’s my blog entry:

Disclaimer: This blog is based on real Windows To Go ® use cases.  The character is fictitious to protect the names of our customers.  Any resemblance to actual customers is coincidental and not intentional.

I’m a Windows to Go guy. I carry my workspace around with me in my pocket, wherever I go. I don’t have to worry about hiding a laptop under the car seat. I don’t have to worry about it sliding off the seat during a sudden stop and I don’t need to try fit it under my coat during a sudden downpour.

One evening after work I had promised to stop at the local store to pick up some groceries. In line ahead of me were some military personnel dressed in camo. I noticed one person was carrying her laptop.
“Hey folks, I really appreciate what you guys do for our Country, but tell me, what’s with the laptop in the grocery store-are you expecting an email from the president?” I joked.

The corporal replied, “Military rules- laptops can’t leave our side. We even take them into the bathroom”.

“That stinks,” I replied.  “Let me show you something,” I replied. I whipped out my IronKey Workspace W500™, my PC on a Stick™ and explained that this was my laptop, FIPS secured against the worst imaginable attacker. It is virtually indestructible too, and I intentionally dropped it onto the hard tile floor to make my point.

“I have got to get my hands on one of those” she said.

“You are right about that, we can make your next bathroom or grocery stop a much more pleasant experience.” I replied.

by

Will the World Cup Result in a Red Card for your Business?

 

With the ‘Hacktivist’ group Anonymous having announced they were preparing a full scale cyber-attack on the World Cup’s corporate sponsors during the tournament, and an influx in World Cup related malware, security threats are likely to be the topic of choice for all those looking to protect against potential breaches and attacks during the tournament.

IT managers will have been steeling themselves for a potential spike in lost corporate devices, such as USB’s, tablets and mobile devices, during the World Cup. Whether it be a flight to Brazil, a booze fuelled train journey home, or live streaming a match from your laptop, the potential for a security breach, and the resulting consequences, could be more excruciating than a bite from Luis Suarez!

Whilst the tournament might be coming to a close, the risks associated with remote workers and mobile devices are still an inherent danger to corporate data. Many of us undertake work while commuting, with little regard for the security of the information we are working on, so whether you are lucky enough to have flown out to watch a match, or simply travelling home after watching the game in the pub, the need to secure your devices is never more crucial.

With shrinking boundaries between work devices and work-enabled personal devices, the risk of corporate data falling into the wrong hands is a huge possibility. Employees dropping memory sticks, leaving files on trains, and laptops in bars, are all high probabilities, and inevitably, these devices will contain data not meant for prying eyes.

Failing to protect the vast volumes of information they carry and not equipping employees with the IT tools required to securely manage and handle information while travelling could result in a ‘red card’ for your business.

No computer or tablet not ‘locked down’ by IT should ever be connected to the corporate network, either from inside (fixed line or BYOD) or outside (VPN of VDI). Allocating employees a corporate computer for use inside the network and an IT secured USB device for outside would simplify security and avoid frustrations typically related with tight security policies such as these.

Whether your data is in transit or at rest, encryption is absolutely essential to safeguarding confidential company information. Whether you use strong authentication or hardware encryption will very much depend on your organisation, you need to be able to manage encrypted devices in order to ensure that if there are any concerns that data integrity has been compromised it is possible to remotely wipe the device.

Accidents will happen, but being vigilant in your security practices, and, educating and enabling your employees could be as easy as knocking England out of the Cup altogether.
redcard

by

When It Comes to the Cloud, What do Small Businesses Need to Think About?

 

The move towards hosting applications in the cloud shows no signs of petering out. More and more companies are keen to realise the operational benefits that a cloud-
based model has to offer; not to mention the possibility to reduce some CAPEX spend. While many emerging technologies can feel like they are exclusively for the ‘big
boys,’ the great thing about the cloud is that whether you are one person or several thousand, there is a platform out there to help you meet your requirements.

The one downside to being a small business however is that often you don’t have the in-house IT knowledge to understand what, if any, security issues you could be
opening up your business to by opting to store data in the cloud. Here are my top tips to helping you make the most of the cloud, while remaining secure:

* Most small businesses aren’t all that concerned about cloud security and are keen to tap into the benefits that the cloud has to offer. However, as a note of caution, think
carefully about your cloud strategy. While providers might proclaim their offering to be “secure enough”, SMBs shouldn’t accept this assertion at face value – especially if
you intend to store customer data in the cloud as there are strict laws that govern how data is stored, managed and protected.

* Many SMBs can be confused about the best way forward, but take a look at larger companies operating in your sector, what lessons can you learn from them? Are they
using public or private clouds to give employees access to shared data? In the context of your organisation what are the pros and cons of each?

* While it can be tempting to think that your cloud provider ‘has everything covered’ it pays to know what is happening ‘under the hood’ of your cloud security offering. For
example, if the cloud service is responsible for the encryption of data, there is a risk that your keys can be compromised either internally by an employee or by a hacker
who is able to breach the management system and retrieve the keys. To be as secure as possible SMBs, and not their provider, should own and control the encryption
keys.

* For the director of a SMB all this talk of encryption and keys might sound a bit daunting, but the key piece of advice here to mitigate the risk of cloud services is to ensure
that if you are storing data in the cloud that you encrypt the data before it reaches the cloud and apply an enhanced level of key management to avoid it being
compromised. And ensure that the data and the encryption keys aren’t stored together!

SMBs need to think carefully about their security strategy, how it can enable their business and if software encryption is right for them. “Good enough” security in today’s
rapidly evolving cyber security landscape will not protect your organisation – or your customers – from persistent and sophisticated attackers. Hopefully the above pointers
are a good starting point for ensuring that, when it comes to the cloud, you’ve got the right security measures in place.