By Geoff Fein
With the ever increasing cyber threat to banking and financial information, one California company is developing a solution to protect data and ensure safe online transactions.
Los Altos, Calif.-based IronKey is developing a new product for the commercial banking industry called Trusted Access for Banking, Frank Hecker, federal sales engineer for IronKey, told Defense Daily yesterday at the FOSE conference in Washington, D.C.
IronKey developed a secure flash drive that it sells to both the military and consumers. Now, the company is turning its attention to protecting banking information.
Malware and/or trojan horse programs that are unknowingly downloaded onto a computer can be used by cyber thieves to redirect computer users to infected websites or to track key strokes, thus gaining logon names and passwords, Hecker said.
“These are targeted attacks on a business to take over PCs, to invite fraudulent transactions,” he said. “We are saying, your PC might be infected, so instead of using the host [operating system], [we] go to the banks and create an IronKey for customers.”
Providing an IronKey to customers would create an environment isolated from malware and trojan horses, he added.
The USB device IronKey is touting comes in a rugged hardened case, has a RSA SecurID–a one-time password technology, McAfee anti-virus to scan the drive, and a trusted browser–a locked down version of Firefox, Hecker noted.
The drive, or key, can be managed by the bank to not only provide updates and passwords, but also to keep track of the device should it ever be lost or stolen, he added.
IronKey comes with the capability to disable itself should someone attempt multiple efforts to logon with the wrong password, and a self-destruct feature.
“You can put trusted banking on it. The information can’t be stolen,” Peter Thorp, vice president federal sales, told Defense Daily yesterday.
Thorp said the company has seen sales of IronKey devices increase significantly.
“The mass appeal is that it works,” he added, whether it is for personnel use or enterprise-level work.
After initializing the device and setting up a password, IronKey is very easy to use. Everything from documents to photos that are stored on a computer can be dragged and dropped onto the key.
“You can put data on the key just like a normal USB drive,” Hecker said.
In January, IronKey partnered with Lockheed Martin [LMT] to develop IronClad, a drive for companies with employees who travel and must carry proprietary or sensitive data. Whereas up until now those employees took a company laptop on the road with them, now all they would need is the small USB drive (Defense Daily, Feb. 11).
Unlike its offerings to commercial buyers, IronKey’s IronClad contains a user’s entire desktop on the drive. Once the drive is connected to a computer–and that can be any computer at home, work or on the road–IronClad completely bypasses the host computer’s hard drive.
IronClad has been dubbed a “PC on a stick.”
Because IronClad bypasses the hard drive completely, everything runs off that USB drive, and the enterprise side keeps watch on all the drives, knows what’s on there and actually won’t allow anything that hasn’t been whitelisted to get on the drive, according to Lockheed Martin (Defense Daily, feb. 11).
Lockheed Martin has a major pilot going on to evaluate IronClad as the company’s telecommuting solution. The device has been on the market since September.