WinMagic’s SecureDoc Makes It Simple For Black Hat
Established in 1997 as an IT Security Think Tank that works to secure enterprises and government agencies in the Americas, Europe, and Asia, Black Hat differentiates itself from other IT security consultants by working at many levels within the corporate, security, and computer underground communities…World renowned for providing advanced education to security professionals at such high-profile organizations as Amazon, the Defense Advanced Research Projects Agency (DARPA), Microsoft, and the National Security Agency (NSA), Black Hat’s singular and encompassing view of world security trends and unmatched informational reach enables it to be continuously aware of the newest vulnerabilities, defense mechanisms, and industry trends.”As a world-recognized think tank of security experts providing consulting, training, and briefings to corporations and government agencies, Black Hat is in a unique position to evaluate many of the security solutions available,” explained Jeff Moss, Founder ; CEO, Black Hat.The Problem with PortabilityOne such security vulnerability is mobile computing. While laptops undoubtedly provide greater network access for users, the portability of such devices poses significant security challenges. In fact, high-profile organizations such as the U.
S. Federal Bureau of Investigation (FBI) estimate that 53 per cent of network penetration is due to data derived from stolen notebook computers. And, with the price of replacing hardware and software far outweighed by the loss and damage that can result from unauthorized access to sensitive data due to physical theft, Moss was well aware of the need to ensure that the data on Black Hat’s laptops was well protected.Moss understood that the only way to prevent unauthorized users from accessing Black Hat’s information from a lost or stolen laptop was to ensure all of its data was encrypted. Knowing that file encryption solutions still enable unauthorized users to access unencrypted copies of documents in temp files, recycle bins, etc., Moss began looking at full-disk encryption solutions.
Unlike file encryption technology, full-disk encryption solutions encrypt the entire hard drive to ensure that all data on all files was protected.”There are two main issues when addressing laptop security; the theft of the laptop itself, and the surreptitious tampering or copying of the laptop’s data,” commented Moss. “As long as your whole drive is encrypted the ability for someone to access your laptop when you are not around and install a keystroke logger or duplicate your disk is no longer a valid concern,” Moss continued. “Products like SecureDoc mitigate both risks at once.”In selecting the best possible solution to Black Hat’s laptop security issues, Moss was looking for a solution that could provide more than high-level encryption. He also required the selected solution to be simple to install and manage, transparent to the user, and cost effective.
But, most importantly, Moss required an encryption solution that would be simple to integrate with Black Hat’s Rainbow tokens.”Entrusted with highly-sensitive customer information, it is absolutely critical that Black Hat can ensure all data is secure,” noted Moss. “Black Hat already utilized Rainbow tokens to positively authenticate laptop users, but wanted to integrate full-disk encryption to ensure that a lost or stolen laptop could not provide unauthorized access to sensitive data, and having previously experienced management issues with PointSec, I was very happy to discover WinMagic’s SecureDoc at an RSA event.”Based on the Public-Key Cryptography Standards (PKCS) and featuring the Advanced Encryption Standard (AES) 256-bit encryption algorithm, WinMagic’s SecureDoc certainly had the security functionality Black Hat required to protect its data. And, as SecureDoc makes it simple for organizations to encrypt an entire hard disk at pre-boot, it also met Moss’ user-friendly criteria by making the technology transparent to the user. Moss was also pleased to learn that SecureDoc had achieved government validations for Common Criteria and Federal Information Processing Standards (FIPS) 140-1 Level 2, among others, and that its Fortezza-based version is certified by the U.
S. National Security Agency (NSA) to safeguard secret government information.Integrating Full-Disk Encryption with Two-Factor AuthenticationWinMagic explained to Moss that SecureDoc was designed to integrate with an existing public key infrastructure (PKI) certificate and public and private keys, and was the only encryption solution that could be configured to work with all major smart cards, tokens, or biometric devices at pre-boot – providing users with multi-factor, positively authenticated system access. After a successful trial, during which Black Hat found that it was indeed simple to integrate SecureDoc with its existing Rainbow tokens, the encryption solution was purchased. Moss is very pleased with the security benefits of combining two-factor authentication with full-disk encryption.
“Now, users utilize a key stored on the Rainbow token,” explained Moss. “This means that Black Hat can securely store key material on the token and not the laptop, so if it is stolen there is no chance of recovering the key.”Moss also explained how being able to integrate SecureDoc with the Rainbow tokens made it simple and user friendly to protect all data.”Each token holds a small key file, and we have configured it so that one token only gives access to a particular laptop,” explained Moss. “This is very cool, as it makes it simple to implement high-level data security that is also extremely user friendly,” Moss continued.
The Rainbow iKey can also store corporate VPN and SSL certificates as well as EFS and SSH identities, and this ability to aggregate everything to one token was critical in deciding to go with the SecureDoc product.”The Simple Solution to Laptop SecurityBlack Hat’s unique position within the security community makes it the ideal resource for expert and unbiased opinion on both IT security best practices, and available security solutions. So, when Black Hat looked at the unique security issues raised by mobile computing, it was perfectly positioned to develop an elegant solution. Not only has WinMagic’s SecureDoc met all Black Hat’s laptop data security requirements from day one, but Moss has also been very pleased with the support he has received from the encryption vendor since installing the technology.”The day I came across WinMagic at an RSA event, I was impressed with the functionality of WinMagic’s SecureDoc full-disk encryption solution, and I have had no reason to change my opinion,” concluded Moss.
“WinMagic has eliminated the sales support issues I had with PointSec’s solution, and the company’s technical support staff is knowledgeable and quick to response to any of our questions,” Moss continued. “SecureDoc’s full-disk encryption has made it simple to protect all data on Black Hat’s Windows XP laptops, while simultaneously making it easy to combine the benefits of user-friendly encryption with two-factor authentication.”