IronKey announced that it has been approved for use within the North Atlantic Treaty Organization (NATO) to provide the 28 member nation organization with IronKey S200 secure hardware encrypted USB flash drives. "IronKey is the first and only Commercial Off The Shelf (COTS) secure USB flash drive approved by NATO for use within the 28 NATO member nations," said Steve Ryan, senior vice president of IronKey. "By receiving the NATO approval for the IronKey S200 family of devices, IronKey once again demonstrates leadership and commitment in building the most secure USB storage devices in the world."

IronKey announced that over 1,000 companies and government agencies have adopted IronKey secure and intelligent USB flash drives and are managing them remotely using IronKey's cloud-based Internet security remote management online service. This makes IronKey one of the largest online security SaaS companies in the world.

IronKey online security services include:

• Remote management and tracking of IronKey secure intelligent flash drives
• Remote kill of lost and stolen devices
• Content recovery, password reset and device redeployment
• Internet update of software and security updates to IronKey devices
• Internet update of anti-virus and anti-malware software on IronKey devices

Key Facts/Highlights:

• IronKey has had successful large deployments with over 1,000 enterprise organizations and government agencies globally using its online security service to remotely manage IronKey intelligent secure USB flash drives over the Internet.
• IronKey provides secure USB management services to its customers in government, financial services, healthcare, enterprise and education markets worldwide.
• IronKey has over 25 distributors in more than 40 countries and has signed on over 180 Elite and Certified VARs.
• IronKey designs and develops the world's most secure USB memory sticks (flash drives or thumb drives) at its facilities in Los Altos, California. IronKey products are designed and assembled in the USA to ensure top security and quality for enterprise customers.
• IronKey's new S200 family of secure intelligent flash drives are the only USB portable storage devices in the world to have been validated to FIPS 140-2 Level 3 security standards by the National Institute for Standards and Technology (www.NIST.gov).
• Despite their extremely high levels of security, IronKey flash drives are easy to use, and work on Windows, Macintosh and Linux computers without installing software or drivers.
• IronKey secure intelligent flash drives are available starting at just $79, and volume discounts are available for government and enterprise deployments.
• IronKey products are available on GSA schedules from Computech, Dell, DLT Solutions and GovPlace.

IronKey announced the launch of its S200 device featuring hardened physical security, the latest Cryptochip technology, active anti-malware and enhanced management capabilities.

Highlights of IronKey S200:

• The first and only USB flash drive to meet the rigorous government security requirements of FIPS 140-2, Security Level 3.
• Hardware-based AES 256-bit encryption in CBC mode.
• Tamper-resistant and tamper-evident rugged metal case.
• Secure management of encryption keys.
• Anti-malware capabilities in hardware provide an unprecedented layer of protection from malware and prevent its spread onto enterprise and government networks.
• Dual-channel architecture enables significant performance when writing large and small files to the drive.
• Includes extended-life flash memory capable of running high-bandwidth applications such as virtual machines or bootable mobile desktops.
• Enterprise Management Cloud Service over the Internet for the enforcement of security policies, security and anti-malware updates, and the tracking and auditing of hundreds or thousands of devices.
• Optional Enterprise Management Server that customers can host themselves.

IronKey FIPS 140-2, Level 3 Validation:

• The IronKey S200 USB flash drive has been awarded FIPS certificate 1149.
• IronKey S200 includes the ability to prevent intruders from gaining access to CSPs held within the cryptographic module.
• The physical security mechanisms required at Security Level 3 validate that IronKey thumb drives can detect and respond to attempts of physical access, use or modification of the cryptographic module.
• IronKey includes the physical security mechanisms required for the validation including the use of production-grade components, hard potting material to encapsulate the chip circuitry and a hard metallic enclosure.

Enterprise Management Service Enhancements:

• Mac support for Silver Bullet service provides remote wipe, comprehensive tracking and rich reporting capabilities.
• Configurable time-out policy enables the ability to automatically lock devices after a specified period of inactivity.
• Search capabilities help to locate device information by user name, email address, serial number or other specific information.
• Enhanced backup and recovery capabilities from previous Password Manager to the Identity Manager.
• Management capabilities are available as cloud-based SaaS or on-premise server software for flexibility in meeting organizational requirements.

IronKey announced that its new IronKey S200 products are the first portable USB storage devices to gain full approval from the National Institute of Standards and Technology (NIST) for Federal Information Processing Standards (FIPS) 140-2, Security Level 3 validation.

Key Facts/Highlights:

• US government agencies must only purchase security products that have received FIPS 140-2 validation. In addition, commercial organizations increasingly rely on the validation as an objective, independent review that helps ensure the security capabilities of the products they purchase.
• FIPS validation is accepted globally as one of the most trusted security validations. Companies in the private sector care about a FIPS 140-2 certificate because it means an independent, trusted third-party has reviewed the product design for serious flaws.
• FIPS Security Level 3 moves beyond the cryptographic protection, requiring also that the devices cannot be disassembled without rendering the device inoperable or without erasing all plaintext secrets. Level 3 requires that all automatically established keys be encrypted with a FIPS-approved algorithm.
• FIPS validation requires rigorous testing and inspection in order to be certified by NIST. This is not the same as FIPS compliance. FIPS-validated products go through a comprehensive review by government-approved laboratories, as well as a review by NIST and CSE authorities.

There is a general lack of awareness and enforcement of security policies and procedures in companies today, according to new research announced by privacy and information management research firm, Ponemon Institute. The report, Trends in Insider Compliance with Data Security Policies: Employees Evade and Ignore Security Policies, was sponsored by IronKey, maker of the world's most secure flash drive, and examines the challenges facing IT professionals in securing confidential data.

Facts/Highlights:

• The majority of respondents admit to serious non-compliant workplace behaviors that place their companies at risk. Such behaviors include the insecure use of USB memory sticks, use of Web-based email, sharing passwords, turning off security settings and more.
• According to the study, 69 percent of employees surveyed said that they copy confidential or sensitive business information onto USB devices, while only 13 percent of respondents said their companies have a policy that allows this, showing a 48 percent non-compliance rate.
• 61 percent admitted to copying confidential or sensitive business information onto USB devices, and then transferring the information to another computer that is not part of the corporate network.
• Over half of the respondents said that they download personal Internet software to their company computers, which significantly increases the risk of introducing viruses, worms and other malware into an organization's network.
• 58 percent of the respondents said that their companies do not provide adequate training about compliance with data security policies, and about the same number said the data security policies are ineffective.
• Approximately half of the survey participants said their corporate data security policies are largely ignored by employees and management, and that the policies are too complex to understand.
• Compared with a similar study conducted by Ponemon Institute in 2007, the rate of non-compliant employee behavior appears to be getting worse over time.

"Datenschutz ist wichtiger denn je. [...] Schon in der Vergangenheit testeten wir eine verschlüsselte Festplatte und einen verschlüsselten USB Stick. Eigentlich kein Grund diese Thematik erneut aufzurollen, würde Ironkey nicht mit dem Slogan 'The world's most secure flash drive' werben. [...] Der Ironkey ist, so weit wir das beurteilen können, wirklich der sicherste Stick den es auf dem Markt gibt. Die Verarbeitung überzeugt, die Vorgehensweise bei der Passwortübertragung über den USB Port an den Stick ist gut durchdacht. Wer mit sensiblen Daten umgehen muss, sollte sich diese Sticks genauer ansehen." (www.apfeltalk.de)