Ironkey Personal User Manual download pdf (Page 8)

PAGE 7IRONKEY USER GUIDE

Password Manager Protection

The IronKey Password Manager and my.ironkey.com work together, giving

you the ability to back up your online passwords to your Online Security

Vault at my.ironkey.com. First, you must unlock your IronKey device, which

requires two-factor authentication. Your passwords are securely stored in

a hidden hardware-encrypted area inside the device (not in the le sys-

tem), being rst locally encrypted with 256-bit AES, using randomly gener-

ated keys encrypted with a SHA-256 hash of your device password. All

of this data is then doubly encrypted with 128-bit AES hardware encryp-

tion. This is the strongest password protection we have ever seen in the

industry.

When you back up your passwords online, IronKey performs a complicat-

ed public key cryptography handshake with IronKey’s services using RSA

2048-bit keys. After successful authentication, your encrypted block of

password data is securely transmitted over SSL to your encrypted Online

Security Vault within one of our highly-secure data facilities.

IRONKEY SERVICES SECURITY

Secure Facilities

IronKey hosts its online services at state-of-the-art third-party data cen-

ter facilities. Physical access to the IronKey systems requires multiple lev-

els of authentication, including but not limited to hand geometry biomet-

ric readers, “man trap” entry, government-issued photo ID verications

and individual access credentials. Each data center facility is equipped with

numerous surveillance cameras, motion detectors, and a sophisticated

alarm system. The IronKey infrastructure resides in a secured cage. The

entire facility is monitored by dedicated on-site security personnel on a

24x7 basis.

Secure Environments & Policies

Logical access to the IronKey environments is controlled by multiple lay-

ers of network technologies such as rewalls, routers, intrusion preven-

tion systems and application security appliances. For additional protection,

IronKey partitions its online services and backend applications into differ-

ent network segments with independent security rules and policies.

Secure Communications & Data at Rest

When users access IronKey web sites and services, all information is ex-

changed over an encrypted channel. This is accomplished through Secure

Socket Layer (SSL) and by utilizing VeriSign Secure Site and VeriSign Secure

Site Pro certicates. To ensure additional security for its services, IronKey

qualied for and is using Extended Validation SSL. The IronKey applica-

tions encrypt all sensitive data prior to transmitting it within the IronKey

network and storing in databases.

1 2 3 4 5 6 7 8 9 10 11 12 13 ... 31 32

No comments

Ironkey Personal User Manual Page 8