IRONKEY: COMPLIANCE
IronKey is continually developing mobile USB storage solutions at the leading edge of technology. This includes both developing products that comply with key UK government and industry standards for security, performance and other criteria, as well as building comprehensive solutions designed to assist customers in their compliance with government and industry regulations.
Compliance with Standards
IronKey hardware and software products provide the highest level of protection for data stored on IronKey secure flash devices as well as host PCs and government networks. IronKey S200 devices are the only flash drives available on the market today that have passed the stringent testing requirements for FIPS 140-2 Level 3 validation. This is a key metric for judging the effectiveness and reliability of a security product, and also makes IronKey drives eligible for purchase by the UK military and other UK government agencies.
IronKey devices have been certified or validated for the following standards:
Product Certifications and Compliance
FIPS 140-2 Level 3 – Certificate #1149 | FIPS 197 AES – Certificate #655 and #689, #1034
FIPS 186-2 RSA – Certificate #494 and #305 | FIPS 186-2 RNG – Certificate #587 and #380
FIPS 186-2 SHS – Certificates #986 and #987 | FIPS 186-2 SHA – Certificates #691 and #689
HMAC – Certificates #579 and #615 | CCATS – Certificate #G073288 and #G057590
MIL-STD-810F (Waterproof) | CESG CAPS (Pending)
Compliance with Regulations
With new privacy laws, industry regulations such as the Data Protection Act and fines for non-compliance and data loss from the Information Commissioners Office (ICO), organisations face an increasingly stringent and more complex compliance environment. In addition to the embarrassing public disclosures and the high costs of remediation, a privacy breach can distract IT staff from their business tasks by requiring them to constantly respond to auditors and regulators.
Eliminating Compliance Risks with Managed Secure USB Drives
USB flash drives pose a special regulatory compliance risk. Their small size makes them easy to conceal and easy to lose. The best way to mitigate this risk is by ensuring all data stored on your organisation’s flash drives is encrypted, to the highest possible level of security. In fact, many privacy laws now either mandate encryption or provide “safe harbour” if data on a device was encrypted at the time it was lost or stolen. You cannot achieve compliance without management, which includes the ability to:
Know to which employee the drive was issued
Know when and where that person used it
Prove the device has not been accessed in the event it is lost or stolen
IronKey addresses compliance needs with an enterprise-class solution for protecting mobile data that combines secure hardware encrypted flash drives with central management software.
Always-on Encryption
IronKey Enterprise devices encrypt data in hardware whenever the user transfers files onto the drive. The user cannot turn off encryption or circumvent it in any way. This “always-on” encryption not only ensures that an organisation’s critical data is always protected but also makes compliance with UK regulations virtually automatic.
The IronKey Cryptochip protects data with AES 256-bit hardware encryption (using the U.S. government’s approved algorithm for protecting Top Secret data). IronKey devices are also the first and only USB flash drives to pass the US government’s strict FIPS 140-2 Level 3 criteria for cryptographic technology (IronKey is now undergoing CESG CAPS evaluation in the UK and is expected to gain certification in due course). The result is the strongest mobile data protection available.
Central Management and Secure Device Recovery
In addition to central management software that includes audit trails and other capabilities necessary for compliance, IronKey Enterprise provides Secure Device Recovery. This function allows administrators to recover the contents of a drive if the end-user loses the drive, or leaves the agency with it, thereby helping to maintain and prove custody of data stored on a drive. There are no back doors to this device recovery system. The central IronKey management server also allows you to revoke Admin status if the administrator leaves the agency.