IronKey

Mobile Data Security Blog

Home  »  Archive by category "IronKey" (Page 2)

by

The Value of Encryption

With high profile security breaches such as the iCloud hack and the leak of celebrities’ private photographs hitting the headlines, the concern for the security of our own personal information and sensitive data is mounting. Apple’s response to the data breach was to increase the level of security following the incident with the introduction of default encryption on phones, demonstrating the importance of encryption as a safeguard to protect data.

Encryption is simply the translation of data into code, using a defined algorithm, and is considered one of the most effective means of ensuring data security. Access to encrypted files requires a key or password that enables you to decrypt it by restoring it to its original form. Whilst most data transmitted over a network is sent in clear text, by incorporating encryption algorithms, users can protect data and make sure that only the intended recipient can decode and read the information.

Although there are many different types of encryption, they all serve the same purpose: to keep our data protected and secure. Storing any sensitive information is inherently risky, but in order to do this effectively, action must be taken to reduce the risks of inappropriate disclosure.

Given that a large amount of data can be stored on USB’s, smartphones and tablets, there is a real danger that personal information could be compromised should such a device end up in the wrong hands. We recently published research which found that over one third of respondents would look at, or try to open/access a device if they found one , showing that even when mislaid devices are found by conscientious members of the public, the devices may be examined and opened.

The problem is that users want devices that are easy to manage, hassle-free and allow them to go about their lives securely. Measures such as optional encryption do not fit into this lifestyle. Users will not hunt down new security features, either because they don’t know they need them, or perhaps think they already have them.

Whether it is personal or corporate data, security needs to be a necessity, and users should be provided with everything they need to protect their intellectual property.

For businesses, encryption can be a simple and effective means to protect sensitive information. Being able to manage and track the encrypted data, knowing who has accessed it, from what location and on what devices that information resides is also essential.

A Windows To Go device is a securely encrypted, IT-managed USB drive that gives businesses control over what happens to sensitive data, and is easy to use. It contains a fully functional corporate Windows desktop. Employees insert the Microsoft certified USB drives into their home computers, hot desks, or tablets that feature USB ports, and they receive a secure desktop and secure access to all applications and data they use in an office setting.

Unlike a virtualised or online remote access solution, the portable workspace offers full host computer isolation, meaning documents cannot be saved to the host machine but are saved to the USB drive, which can be locked down and remote wiped if required, and all data will remain secure without the threat of a potential data breach.

Encryption is a valuable and essential tool for securing your data. Don’t give users the opportunity to be unprotected; security needs to be a default – not an option.

by

OMG – eWaste?!

 

The guys in engineering hired some contractors in India and were ready to send them a few laptops :“Stop!” I said.

“Contractors are a perfect use case for Windows to Go. Load up everything your contractors need on a secure PC-on-a-Stick™, including our IT-secured OS, applications, data, and VPN,  and then just mail them the devices – simple and quick. They can run from any computer they want. When they are done, you can remotely disable the device in case they “forget” to return them.”

“Naw, we’ve got a couple of older laptops sitting around and that’s the way we’ve always done it,” replied our head engineer.

“Well, do you what you want but remember I recommended that you switch to this cool, new technology.” I warned.

Two weeks later I checked with the guys and the computers were still hung up in customs. They had shipped them together and thought the total value had crossed some threshold that required more paperwork.

Another week passed and what do you know, the engineers were in my office.

One of the engineers asked, “can you put together a couple of WTG drives for us?”

“Sure can, will just take a few minutes. What happened to the laptops stuck in customs?” I inquired.

They stared at their shoes and looked a bit sheepish. Finally, one spoke up.

“Well, India has instituted a new regulation and they considered those laptops eWaste so they sent them both back to us”.

“E-Waste?!”  I laughed out loud. “So now you want to take my advice and send your contractors WTG devices – glad to see you have smartened up. And by the way, when those older “e-Waste” laptops get back here, they’ll run way faster with your WTG devices so don’t even think about asking for replacements. WTG adds years to a computer’s useful lifetime.” I said matter-of-factly.  E-Waste – ha!

by

Thwarting the Insider Threat

 

Autumn is returning, reluctantly we’re turning our back on summer, and we are looking forward to the Holiday season. Undoubtedly, this comes with increased people taking vacations, working remotely, and the unlucky few taking their laptops on holidays. For many organizations, this is pretty risky business because the sensitive corporate information is now travelling along with their employees. Although many organizations rarely expect their loyal employees to steal company data, many are prepared for security attacks.

Following the Edward Snowden revelations in 2013, IT departments are now tasked with monitoring potential insider threats. Snowden’s work with US intelligence agencies put him in the position of a highly trusted employee, providing him with everything he needed to accomplish what he set out to do. There were no measures in place to prevent what was possibly the biggest information leak in the history of the US.

The risks come from those who intentionally misuse their access to data to cause a detrimental impact on the confidentiality and integrity of sensitive information.

Although there are a number of routes to secure intellectual property, if the authorities, from whom Snowden was stealing from, had a manageable and encrypted flash drive, such as an IronKey™ Windows To Go drive, they could have tracked the information from anywhere. Any activity on the drive could have been monitored from an on-premise or cloud-based management service. This would have ensured them the ability to restrict where the device could be used, or resort to remotely locking it down, so no one could access the data.

If data isn’t encrypted, its integrity can easily and quickly be compromised, and therefore it is essential to know where, and who, is accessing information. This can be difficult across a fragmented IT environment, however, companies need to be confident that if a device is considered to be compromised, they can remotely lock it down, wipe it, or initiate a self-destruct sequence to remove the data, to protect themselves and their stakeholders.

Protecting intellectual property should be a priority for all organizations. Disabling outdated user accounts when employees exit an organization, implementing policies with privileged account passwords, updating them regularly and limiting access to corporate systems, are all crucial to keeping data secure. That’s where the Windows to Go Drive comes in:  a secure, IT-managed, Microsoft certified USB drive that contains a fully functional corporate Windows desktop. Employees insert the Microsoft certified USB drives into their home computers, hot desks, or tablets that feature USB ports, and receive a secure desktop  as well as secure access to all applications they use in an office setting.

Unlike a virtualized or online remote access solution, this portable workspace offers full host computer isolation, which means documents cannot be saved to the host machine, but are saved to the USB drive.

This way, all data will remain secure without the threat of a potential data breach ensuring safety for all!

 

IronKey Workspace W700

by

The Problem With BYOD (Computers)

Sure, everybody is excited about BYOD. You can use your personal phone to make business calls and read your corporate email. But the real cost savings for BYOD is “bring your own computer- BYOC”. There is no need to purchase, maintain, and upgrade computers; we just let the employees do that.

But wait; there are two BIG issues with Bring Your Own Computer.  The first is an IT issue. The IT team has to install applications, security tools, and management software onto each employee’s laptop. That means IT has to support a range of computer types (including Macs) and OS versions, and deal with incompatible applications running on the employee’s personal device.

The second issue is all about end-user satisfaction. I can hear the screaming now.  “What do you mean you are going to install monitoring software, file scanning, corporate applications, and Internet proxies on MY PERSONAL COMPUTER??   How much space is that going to take? Does this mean Corporate can see my personal files?” My users will rebel.

Good news for IT and the end user –  both of these issues can be easily addressed with Windows To Go.  Let them use their personal hardware – Macs, PC laptops, tablets – but have them run their corporate workspace from an IronKey ”PC-on-a-Stick”  Windows To Go USB flash drive. They run IT’s corporate Windows image with locked-down security controls and policies, applications, and data, but IT never touches their personal hard drive. Complete isolation between work and personal environments!

If you want happy employees, let them use their personal PC, but have them use an IronKey Windows To Go drive and don’t touch their personal system.  This is truly win-win. IT saves a boatload of money and users have a portable corporate workspace they can plug into their personal laptop, a home computer, or a computer they borrow at work.  When was the last time you rolled out a major cost savings initiative and got happy users at the same time! BYOC – bring it on!

by

Savvy Security Users: IronKey USB 3.0 Hard Drives Now Available!

 

New IronKey™ USB 3.0 SuperSpeed Hard Drive – First to Offer Cloud Management

To all you savvy security users, here’s some great news! The IronKey Enterprise H300 USB 3.0 SuperSpeed external hard drives are now availableThese new devices can be managed in the cloud or on-premise with the same console used to manage IronKey Enterprise S/D 250 flash drives and IronKey Workspace W700/W500 devices for Windows To Go.

What does this mean for existing customers?

This product lets you enjoy the high-performance benefits of USB 3.0 while safeguarding up to 1TB of data on a USB hard drive.  If you want management capabilities, and are already using the IronKey Enterprise Management Console for IronKey Enterprise flash drives or our secure workspace devices, then all you need to do is add this device. Quick and easy! 

What does this mean for new customers?

Looking for an affordable, high-security external hard drive in today’s market? Look no further! New customers can select from two versions of the latest from IronKey: the IronKey Enterprise H300 and the IronKey Basic H300.  Both feature hardware encryption and a Section 508 compliant control panel available in eight languages, but with the IronKey Enterprise H300 hard drive, you’ll also get cloud-based, or on-premise, centralized management capabilities.

What platform is used to manage the IronKey Enterprise H300 drives?

The IronKey Enterprise H300 drives can be managed with the IronKey Enterprise Management Service or Server to establish a secure storage command center for administering the use of IronKey encrypted drives.  Both include advanced management features such as Active Malware Defense and the IronKey Silver Bullet Service so IT professionals can centrally administer policies, re-commission devices that are no longer in use and even remotely wipe, or disable, lost or stolen drives.  All you have to decide is whether you want your management capabilities in the cloud or housed internally. 

And if you happen to lose your password, don’t sweat it! The IronKey Enterprise H300 is the only drive on the market to offer secure password reset when a password is forgotten, without erasing all the content on the drive.

Where can I get an IronKey H300 hard drive?

The IronKey H300 hard drives are immediately available through Imation Mobile Security channel partners. The IronKey Basic H300 can also be purchased on our estore. Pricing is competitive, starting at $199 for 500GB and $249 for 1TB. Enterprise management licensing fees are additional for IronKey Enterprise H300 and start at $24 per year per user for management in the cloud.

What does this mean for you?

IronKey H300 hard drives offer the best value in the market today; enabling you to enjoy the high-performance benefits of USB 3.0 technology, cloud and server management capabilities, and of course, the highest security available.

 IronKey H300_LFT

by

Travel Light and Secure

 

Hi, I’m Peter. I’m a Senior IT guy working for a big, growing enterprise.  I set the strategy and I’m responsible for the execution of IT infrastructure in my organization.   I need to worry about cost, security, and keeping my customers happy. We have pretty solid IT processes leveraging Microsoft tools, so I’m not about to set my IT team on some wild new solution that requires years to integrate. Recently, after a big meeting with the execs on cutting costs, I came across Windows to Go from Microsoft. Here is a solution that is secure, can save tons of money, make my customers happy, and fits into my IT workflow – Freakin’ SWEET!  My CISO stood up and applauded when I presented this to senior MGMT.  Needless to say I’ve become a big fan. In fact, they call me Windows To Go Guy around here. There are so many ways to apply this technology across my organization. I don’t get a commission on this stuff – I just love cool technology that makes sense. Here’s my blog entry:

Disclaimer: This blog is based on real Windows To Go ® use cases.  The character is fictitious to protect the names of our customers.  Any resemblance to actual customers is coincidental and not intentional.

I’m a Windows to Go guy. I carry my workspace around with me in my pocket, wherever I go. I don’t have to worry about hiding a laptop under the car seat. I don’t have to worry about it sliding off the seat during a sudden stop and I don’t need to try fit it under my coat during a sudden downpour.

One evening after work I had promised to stop at the local store to pick up some groceries. In line ahead of me were some military personnel dressed in camo. I noticed one person was carrying her laptop.
“Hey folks, I really appreciate what you guys do for our Country, but tell me, what’s with the laptop in the grocery store-are you expecting an email from the president?” I joked.

The corporal replied, “Military rules- laptops can’t leave our side. We even take them into the bathroom”.

“That stinks,” I replied.  “Let me show you something,” I replied. I whipped out my IronKey Workspace W500™, my PC on a Stick™ and explained that this was my laptop, FIPS secured against the worst imaginable attacker. It is virtually indestructible too, and I intentionally dropped it onto the hard tile floor to make my point.

“I have got to get my hands on one of those” she said.

“You are right about that, we can make your next bathroom or grocery stop a much more pleasant experience.” I replied.

by

Standing Room Only: BadUSB at Black Hat

 

Our special guest blogger is Chris Louie, an IronKey sales engineer, who joined the company in 2011. 

As I took my seat in the packed Black Hat ballroom, I could sense the level of concern as everyone anxiously awaited the findings on BadUSB. Attacks against USB flash drives are nothing new, but they’ve always centered on the data being compromised or leaked.  Now we’re about to learn about a radically different type of attack. Suddenly the lights dim and the session title flashes across the screen: “BadUSB – On accessories that turn evil” presented by the authors of the malware.

Immediately, things looked bleak for security-minded professionals everywhere. A new type of threat has emerged! Malware is no longer relegated to only files stored on USB flash drives, but can now reside in the controller firmware inside the USB flash drive. And to make matters worse, it doesn’t just affect USB flash drives, but any USB device that has the ability to update its firmware, such as Android-based phones and tablets. BadUSB also has the ability to trick the computer into thinking a flash drive is a mouse or keyboard. Once a computer is infected, it will attempt to infect every USB device that connects to it in the future.

Now if that’s not enough to keep CIOs and CISOs awake at night, the malware authors state that there is currently no mechanism to detect or remove BadUSB from affected devices and computers. It acts as a launch pad to attack computers with the malware author’s attack of choice. Installation of Remote Access Trojans, key loggers, DNS cache poisoning, botnet creation and ransomeware are just a few of the cyber-criminal tools that can be deployed with the help of BadUSB.

Fortunately, not all is lost! BadUSB takes advantage of a commonly found practice in the flash drive industry: the vast majority of USB devices do not require digitally signed code in order to do a firmware update. Since day one, every IronKey device has followed the best practice of requiring digitally signed code for firmware updates to protect against this exact type of attack vector.

During the Q&A session with the malware authors, someone asked if requiring digitally signed code for firmware updates would protect a USB device from this attack.  The audience were assured that those devices are not vulnerable to this attack.

So get rid of that potentially dangerous flash drive and upgrade to a secure flash drive that cannot get infected with BadUSB.

 

 

by

New IronKey Channel Program Debuts at Microsoft Worldwide Partner Conference

 

Interested in capitalizing on the emerging opportunities available with Windows To Go?   The IronKey Partner Program unveiled at this week’s Microsoft Worldwide Partner Conference in Washington DC.  Designed to make our partners successful, the new program, consisting of Platinum, Gold and Silver levels, enables security resellers and Microsoft Certified Partners to more easily and profitably sell the family of IronKey Workspace PC on a Stick™ products for Windows To Go.   If you’re at the show, stop by our booth #621 to learn more.

Our new IronKey Channel Program elements include:

* A deal registration program offering generous margins and recurring revenue from license and maintenance renewals.

* Training via a variety of formats including new online courses.

* An enhanced partner portal for lead tracking, sales and marketing support programs and technical resources.

We’re hearing great things from our partners about the reception to Windows To Go as organizations look to meet the needs of an evolving mobile workforce.   But don’t take my word for it; here’s what our partners had to say:

Ed McNamara, Director of Communications and Marketing at SHI International Corp

“The BYOD trend has been a closely watched topic as the demands of a more mobile workforce clash with IT’s need to keep corporate data and the network secure. We’re looking forward to providing customized Windows To Go solutions for trusted IT-managed workstations.”

Ted Murphy, President of Matrix Mobile Security Solutions

“The healthcare industry is notoriously slow in adopting new technologies because of stringent regulations and compliance requirements for protecting patient health information (PHI). Together, Windows To Go and IronKey’s secure PC on a Stick are a breakthrough in supporting a more mobile healthcare workforce while ensuring security.”

Larry Hall, Vice President of Purchasing and Partner Development at Paragon Micro

“New mandates are requiring a certain percentage of federal employees to be teleworkers. Federal agencies are struggling to meet these mandates due to security concerns that unauthorized devices could access government networks. Based on the early success we’ve had with a large federal agency, we see great value in being an Imation partner selling the IronKey secure mobile workplace solution.”

Click here to learn more about the partner program.

by

IronKey Workspace W700 Drives with FIPS 140-2 L3 Set New Standard in Mobile Workspaces

 

Great news for government and other highly-regulated enterprises that require a FIPS 140-2 Level 3 Windows To Go drive— IronKey Workspace W700 ™ drives are now available!   Our W700 PC on a Stick™ drives are the first Microsoft-certified Windows To Go devices to be FIPS 140-2 Level 3 validated. Now you can enjoy all the benefits of Windows To Go while meeting strict data security mandates.

Why is this Significant for Government Agencies?

If your agency is looking to provide mobile workspaces for your contractors, field workers, employees who want to BYOD or telework, this solution is a “no brainer”.  The Windows To Go approach is up to 90 percent more cost effective and more secure than issuing a new laptop or using VDI.  Visit our use case section to learn how agencies are using Windows To Go today (link to Use Case section).

What is Windows To Go?

Windows to Go is an enterprise feature of Windows 8.1 that lets people be productive from almost any location they choose to work by inserting the Windows To Go USB drive into any compatible PC of their choice. An organization’s corporate image, operating system, applications and data are all contained on the Microsoft-certified IronKey Workspace USB drive. The host PC boots completely off the Windows To Go drive using local resources such as monitors, CPUs and network connections.  The Windows To Go drive can be centrally managed and offers remote wipe features to protect against loss and theft. The Windows To Go solution is ideal for mobile workers, teleworkers and contractors, fueling secure “Bring Your Own Device” (BYOD) strategies that allow employees to use their home PCs for work.

IronKey Workspace W700

by

Securely Working from Home – Freakin’ SWEET!

 

Hi, I’m Peter. I’m a Senior IT guy working for a big, growing enterprise.  I set the strategy and I’m responsible for the execution of IT infrastructure in my organization.   I need to worry about cost, security, and keeping my customers happy. We have pretty solid IT processes leveraging Microsoft tools, so I’m not about to set my IT team on some wild new solution that requires years to integrate. Recently, after a big meeting with the execs on cutting costs, I came across Windows to Go from Microsoft. Here is a solution that is secure, can save tons of money, make my customers happy, and fits into my IT workflow – Freakin’ SWEET!  My CISO stood up and applauded when I presented this to senior MGMT.  Needless to say I’ve become a big fan. In fact, they call me Windows To Go Guy around here. There are so many ways to apply this technology across my organization. I don’t get a commission on this stuff – I just love cool technology that makes sense. Here’s my blog entry:

Disclaimer: This blog is based on real Windows To Go ® use cases.  The character is fictitious to protect the names of our customers.  Any resemblance to actual customers is coincidental and not intentional.

Perhaps I’m a bit of a workaholic, but I don’t think I’m alone. After the kids go to bed, I read email, work on reports, look at presentations, and study excel spreadsheets. I’ve tried webmail  and VPN access to file shares from my home computer, but it is just not the same as having your own workspace at home with you. For the past 20 years, I’ve had to lug my laptop between work and home. But laptop screens are tiny when you are looking at a 50-column spreadsheet or comparing two documents side by side.  My home computer on the other hand, has a 27” monitor, surround sound, and fast direct Ethernet connect. In addition, we just bought a new Mac – sweet! I’ve wanted to use my home set-up for work and I’ve waited patiently, for 20 years to solve this problem.

Enter Microsoft Windows to Go. Six months ago, I loaded my entire workspace onto a tiny IronKey Workspace W500 ™ USB 3.0 flash drive with the works: OS, apps, AV scanners, and data.. With 128Gbyte, there is plenty of space. When I’m at work, I plug this device into my work computer and run my workspace from the drive. Because it is flash, it runs much faster than my spinning hard drive in the host computer. When it is time to leave the office, I simply unplug the USB drive, stick it in my pocket, and head for home for dinner with the kids.

Later in the evening, I retire to my man-cave, slide the IronKey Workspace W500 flash drive into my mega machine, and my workspace magically appears before me. I settle back into my deep cushion chair, turn down the lights, fire up some hard rock, and slip back into my working world in the comfort of my home. Now that’s productive work at home!