|
|
 |
|
|
|
Like a Bank Vault in Your Pocket
Hydra PC™ Digital Attaché USB encryption devices are secure, yet versatile. Think of a bank vault with individual safe deposit boxes, each accessible only to those people who posess the key and are authorized to open it. Even if safecrackers force open the vault, they still have to break into each box, one at a time, to find anything worth stealing. In the same way, Digital Attaché provides secure hardware-based protection that encrypts each file using a unique key, and encrypted files can be stored inside a separately encrypted area on the Digital Attaché.
Secure Storage
Digital Attaché uses replaceable microSD memory cards for infinite expandability. When you run out of storage space, just install and format a new card. Digital Attaché memory cards can be formatted with one or two partitions, which can be either encrypted or unencrypted. Unencrypted partitions work just like any USB flash drive and do not require a password for access. Users must log on to the Digital Attaché to access encrypted partitions.
Store encrypted files in an encrypted partition for two levels of security, including two-man control.
Secure Transfer with Data Containment
Hardware-enforced domains ensure that encrypted files and partitions on the device can be accessed only when the Digital Attaché is connected to a designated computer. If the device is connected to a computer outside of its domain, encrypted data cannot be accessed, even with the correct device password. Domains prevent users from removing sensitive data or using an unauthorized computer to maliciously or inadvertently breach data security. Administrators can block read/write access from the Digital Attaché to external storage devices.
Secure Sharing
In a way similar in concept to encrypted email, you can share encrypted files or Digital Attaché memory cards. Exchange sharing certificates with other Digital Attaché users and designate their Digital Attachés as recipients. Again, shared encrypted files can be located almost anywhere, making secure sharing easy over long distances. Attach a shared encrypted file to an email message or send a shared memory card by regular mail without concern about interception.
Strong Hardware-Based Encryption
All data encryption is performed in the tamper-resistant, epoxy-coated cryptographic hardware. The access password is never stored on the device, in software, or on a host computer, even in encrypted or hashed form. This safeguards the keys, passwords, and encrypted data from physical attack whether or not the device is connected to a computer. The encryption algorithms used by Digital Attaché meet or exceed U. S. Government requirements, making it the strongest commercially available USB encryption device.
Integrity checks at each encryption and decryption operation verify that the data has not been tampered with while encrypted. SPYRUS is the industry leader in using XTS-AES sector-based encryption, which provides enhanced protection against attacks.
Signed, Encrypted, and Sealed
At encryption time, both the plaintext and the resulting ciphertext are digitally signed and time-stamped, and the originator’s credentials are embedded. The encrypted file becomes the sealed document of record because, when encrypted, nothing, including who has access to it, can be altered without destroying the ability to decrypt the file. The content, time of encryption, and the device used to encrypt the file can all be independently verified.
Secure Key Generation and Protection
All SPYRUS security devices use the latest approaches to random number and key generation, using a hardware-based random-number generator. After generation, private keys can never be exported or extracted from the device. Because encryption keys are never exported or escrowed, they are never exposed or vulnerable to hackers.
Any attempt to penetrate or probe the device while it is connected to a computer causes the RAM and all keys, variables, public security parameters, and certificates stored in EEPROM to be deleted.
Encrypted Data Recovery
The sharing certificate of a Hydra PC™ Recovery Agent device (purchased separately) can be embedded into every encrypted file or memory card partition. If a Digital Attaché is lost, stolen, or damaged, or if its password is unavailable for any reason, the Recovery Agent can still access data encrypted by the inaccessible Digital Attaché.
|
|
|
Digital Attaché Stands Out from the Rest with These Unique Features
- Military-grade encryption using advanced hardware security including XTS-AES 256, AES CBC 256, SHA-384 and Suite B cryptography approved by the U.S. National Security Agency.
- Each file is encrypted with a unique key.
- Securely store encrypted files on the Digital Attache, on the computer, or in any accessible location—even in the cloud.
- Securely share encrypted files and memory cards with other designated Digital Attaché users.
- Removable storage on standard microSD cards significantly lowers cost per GB.
- Authentication feature limits use of the device to specifically designated computers.
- Store BitLocker keys or digital certificates in an unencrypted partition to add a hardware authentication factor.
- FIPS 140-2 Level 3/EAL5+ cryptographic anchor.
- Hydra PC Digital Attaché is also available in a Hydra PC Virus Protected (ViP) version, which includes SPYRUS Sentry A-V antivirus protection.
|
|
|
|
