Encrypted Storage

/Encrypted Storage

Military and Secure Data

There are few organizations that require higher security measures for their data than those in the military sector. From small agencies and mobile teams to larger bases and headquarters, maintaining secure data is an important component of successful operations.

Here are three areas where data security for the military is most critical.

Personnel

Those who participate in military operations and processes—including those in the private sector who work on government contracts or other military-related projects—are subject to thorough background checks, security clearances, and continued reporting. And all of those precautions can be put at risk in the case of a data breach or security violation.

Using military-grade data security for military personnel can keep your team and your work safe from security incidents or compromised data no matter where they are.

Weapons

Keeping weapons and armaments secure is truly a matter of life and death, and that goes for the manuals, plans, blueprints, objectives, and other data associated with them as well. As the world continues to decrease our reliance on paper and hard copies of such information, keeping that data stored electronically can leave it vulnerable to hacks and disruptions.

By implementing fully encrypted and secure solutions for weapons-related information, you can protect your most sensitive data from falling into the wrong hands.

Surveillance

Successful surveillance operations rely on being uncompromised—and often on being undetected. Whether monitoring secure locations, keeping tabs on potentially dangerous situations, or providing a means of investigation, obtaining and securing surveillance data includes protecting it from disruptions or thefts. But as such data is both procured and transmitted, there may be weaknesses that can put it at risk.

Secured transfer and storage solutions using military-grade data encryption allow you to maintain surveillance initiatives without vulnerability to attack.

DataLocker’s suite of solutions are designed to provide data security for the military without the hassles of installation, configuration, or added security training for your team. In addition, our products are compliant with TAA (Trade Agreements Act), as well as with directives from HIPAA, SOX, DHS, NRC, GLB, and more.

Learn more about DataLocker’s data encryption solutions for government and military agencies or request an evaluation today.

How to protect your data from disgruntled employees

family_safeconsole

We hear about cybercriminals and data hackers all the time.  But another threat lies close to home and can be equally if not more devastating.  Sensitive data and corporate intellectual property must be protected at all times, even when it comes to employees.  Disgruntled employees with malicious intent can wreak havoc, as can those who unwittingly violate corporate data use policy.

So what’s an organization to do, especially now that business is more mobile than ever?  How can sensitive data be protected from disgruntled employees?

For starters, having a solid corporate data usage policy and clear standards on the front end is a given.  Privileged passwords that are updated frequently and limited access to data are two things to consider.  In addition, the administrator should ensure that any former employees’ user accounts have been disabled.  IT departments should be vigilant, monitoring for potential insider threats and being aware of activity that looks suspicious or out of the ordinary by anyone that has access to corporate credit cards, proprietary or sensitive business data and other intellectual property.

DataLocker provides many solutions for encrypting data, which greatly reduces the risk of hacking by disgruntled employees or outsiders.  Employers have to be able to manage and track data. This includes knowing who has accessed it and from where, and through which device(s).

When it comes to mobile security, all of DataLocker’s hardware encrypted products, particularly the ones that can be managed with either IronKey EMS or SafeConsole, can give you peace of mind as you protect your data, your mobile workforce and your organization. Unlike most portable storage solutions, DataLocker drives use hardware-based encryption for seamless encryption that does not compromise performance. DataLocker drives also have a self-destruct feature so that if a drive is lost or stolen, potential attackers will not be able to use brute force to break into them. This greatly increases the odds of your organization coming out of the whole experience unscathed. It is imperative that organizations efficiently and cost-effectively protect data by administering usage and encryption policies, password restrictions, and more from a central console. These tasks are made easy with IronKeyEMS.

With SafeConsole central management server software, you can instantly gain complete and granular control over all of your encrypted USB flash drives and portable hard drives.  Additionally, you will achieve compliance for USB storage usage, while enjoying full control and audit.

SafeCrypt (formerly SkyCrypt) allows users to encrypt data seamlessly at their desktop, and as a result, only encrypted data is synced to the cloud. Even if your cloud service provider is hacked at root level or your personal login is compromised, your files are safe, secure and impenetrable.

DataLocker is committed to helping you protect your most sensitive data, at your desktop, on the go and in the cloud.  If you are interested in receiving an evaluation of your mobile security, or to try one of our products, please click here and an account executive will be in touch.  You may also email us at sales@datalocker.com.

 

Why FIPS validated products are so important

datalocker-dl3-fe-encrypted-external-hard-drive-datalocker-com

DataLocker has been providing cutting-edge, advance encryption solutions since 2011.  Our government and military clients are especially keen on protecting sensitive data and regularly look to us for solutions so they can securely transport, store and share data. Lost or stolen devices should not be equated with compromised data!

One of the typical requirements for encryption solutions is that they be FIPS validated.  FIPS stands for Federal Information Processing Standards.  These standards were developed by the National Institute of Standards for Technology (NIST) through the U.S. Department of Commerce as benchmarks for security in government pursuant to the Federal Information Security Management Act.

Several of our products are FIPS 140-2 validated.  This refers specifically to cryptographic modules, such as our hardware-encrypted external hard drives and USB flash drives. There are four levels of security within FIPS 140-2.  (Read more about FIPS 140-2 security levels here.)  At the highest level, level 4, the physical security mechanisms provide a complete envelope of protection around the cryptographic module with the intent of detecting and responding to all unauthorized attempts at physical access.

So what makes DataLocker FIPS validated products unique?  Our DataLocker DL3 FE is the only drive on the market that utilizes two pass cascading encryption using two different independently generated random keys for unsurpassed security. And the DataLocker H350 has earned end-to-end FIPS 140-2 Level 3 validation (certification #2359) for the entire H350 External Hard Drive – not just its encryption components- making it immune from attacks such as “BadUSB” or “Equation Group,” which also target other components of the device.  In addition, the following DataLocker products are FIPS validated:

More information on DataLocker’s certifications can be found here.  If you are interested in receiving an evaluation of your mobile security, or to try one of our products, please click here and an account executive will be in touch.  You may also email us at sales@datalocker.com.

How to maximize mobile security in today’s world

Mobile security threats and vulnerabilities are and should be of chief concern for every organization. Employees move around and need to bring their data with them. If you care about your organization’s privacy, chances are you already stay away form online storage solutions.  Mobile security is not immune to terrorist threats (think communication apps meant to evade eavesdropping) or hacking, for example.  Credit card and data fraud, extortion and unauthorized use are huge problems and we see major companies falling victim to breaches.  When it comes to mobile security, all of DataLocker’s hardware encrypted products, particularly the ones that can be managed with either IronKey EMS or SafeConsole, can give you peace of mind as you protect your data, your mobile workforce and your organization. Unlike most portable storage solutions, DataLocker drives use hardware-based encryption. Therefore if a drive is lost or stolen, potential attackers will not be able to use brute force to break into them. This greatly increases the odds of your organization coming out of the whole experience unscathed.

An important feature that administrators look for is having the ability to simplify security regulation compliance by giving them control over drives deployed across the enterprise. In addition, it is imperative that organizations efficiently and cost-effectively protect data by administering usage and encryption policies, password restrictions, and more from a central console. These tasks are made easy with IronKeyEMS.

Central management gives peace of mind for companies–WHEN their users forget their passwords or lose their devices–Admins will be able to take action to remedy the issue at hand. Tracking and auditing usage is also a huge benefit. Also, it allows them to get out in front of any issue, because when (not if) devices are lost on one of our Secure USB devices it does not become a reportable offense like it does if the devices are not encrypted.

IronKey EMS

Protecting your data, your mobile workforce, and your organization is easy with the IronKey Enterprise Management platform. You can quickly and easily establish a secure storage command center for administering and policing the use of IronKey encrypted Workspace devices for Windows To Go and Enterprise storage drives.  IronKey Enterprise devices can be securely managed with cloud-based or on-premise management.

In today’s world, companies are managing devices and employees all over the globe.  A single console gives your administrators an up-to-the-minute view of all IronKey Workspace and Enterprise devices under their management, no matter their location. You can easily manage user status, device status, device location, and more.  Administrators can remotely disable lost or stolen devices by locking out users and preventing password access, and even destroy a compromised device by erasing every block of data, thus rendering it unusable.

SafeConsole

With SafeConsole central management server software, you can instantly gain complete and granular control over all of your encrypted USB flash drives and portable hard drives.  Additionally, you will achieve compliance for USB storage usage, while enjoying full control and audit. The mobility and productivity benefits of USB storage devices remain intact– without the risks of malware, data leaks and breaches. Define and control administrative roles to manage, track, audit and support your end users so that they can securely and efficiently perform their job function. SafeConsole (both Cloud and On-Premises) integrates seamlessly with Active Directory to allow for simple deployment of our secure USB storage devices.

If you are interested in receiving an evaluation of your mobile security, or to try one of our products, please click here and an account executive will be in touch.  You may also email us at sales@datalocker.com.

 

 

 

How to take control and manage your secure USB drives

The USB drive is everywhere- they can be purchased at every check out counter from office supply stores to convenience stores.  They are portable, small and can hold a relatively large amount of data and make data transport a breeze between office or school and home.  But with portability comes inherent security challenges.

USB device theft, accidental loss and the spread of malicious code can lead to data breaches, compromised customer information, loss of intellectual property and a loss of consumer and even stakeholder confidence. Unsecured and unmanaged USB drives have the potential to becomes digital weapons, as they are the perfect vehicle for delivering malicious programs and viruses. Unsecure USB drives can easily have their firmware rewritten, thus enabling them to inject code into every computer they come into contact with.  Often the owner isn’t even aware that their USB device has been compromised, so they continue to share the infected USB drive.

It may surprise you to know that only 50% of companies have a USB device usage policy, and only about one-half of those companies actually enforce their policies (The State of USB Drive Security, Ponemon Institute, sponsored by Kingston, July 2011).  If you don’t have a data security and management plan in place…you’re not alone.  But- there are things you can and should do to take immediate action! Properly managed, secure USB drives can be a useful tool for companies, and whenever that data becomes portable, a comprehensive plan becomes paramount to the success of data security.  There are several things to consider as part of your planning:

  • How do we get devices connected to a server and under the control of management?
  • Who is ultimately responsible for the devices?
  • Is the end solution compliant with legislation and the organization’s policies?
  • Does the security solution “make sense” for the real world?
  • What does the future hold for this technology?  Is it likely to be supported in years to come?
  • Does our strategy secure ALL of our digital assets, including secure USB drives?

Hardware encrypted USB flash drives are an essential component of a comprehensive data loss prevention (DLP) strategy. DataLocker offers both FIPS 140-2 level 3 devices and standard secure USB flash drives.  All secure USB flash drives from DataLocker can be managed by the SafeConsole central management system which offers enforcement of password policies, remote password resets and audit for compliance and much more.  For additional information or to learn more about our products, please contact us.

Developing a strategy to deploy and secure all digital assets along with implementing the right central management system will create a seamless, secure workflow solution.  It is incumbent upon organizations to mitigate the potential for a USB data breach, which could cost millions in the long run.

 

 

Implications of GDPR on portable data storage

how-comply-gdpr

GDPR refers to the European Union’s General Data Protection Regulation. GDPR means that organizations that handle EU citizens’ data face massive fines (up to 4% of their global annual turnover) if they are non-compliant.

It’s important to note that a company or service provider with no physical EU footprint still has to comply with the EU data protection legislation…if it processes EU citizens’ data.

There are inherent risks associated with portable storage, so it is valuable to note how to implement GDPR from a practical standpoint.  The new standards all but ensure that lost portable storage devices and other such security breaches will be reported to regulators going forward.  This serves to protect consumers and clients, who have a right to know when they have been compromised or hacked. Reporting looks somewhat different for data that is unlikely to result in a risk for the rights and freedoms of an individual (an unencrypted USB flash drive containing patient information, for example).

GDPR tells us that organizations should protect data at a level that is attainable using current technology, and at a reasonable cost (financial and time).

So, as a global expert within encryption and portable data storage, what does DataLocker recommend to achieve compliance?

  • Have a solution that protects all stored data with automatic encryption and strong passwords.
  • Take care that only authorized staff have the rights to transport data.
  • Keep track of which data is transferred onto encrypted portable media.
  • Have a solution that only allows access to data in approved territories, as transborder data (that which is subject to foreign jurisdiction) is subject to additional restrictions.
  • Have the ability to permanently erase and all copies of a data subject’s stored information.
  • Centrally managed hardware encrypted portable storage that provides audit trail capabilities is the recommended solution.

The costs of NOT implementing a solid portable storage solution are too great to ignore.  The risk of noncompliance is not one worth taking!

*image credit: Termsfeed.com, appearing in an article by Leah Hamilton