ENCRYPT

to ensure the ultimate protection of your data stored in the cloud or on your local PC/MAC or any data storage device

SHARE

Your encrypted data security with authorised users in the cloud as well as email and file transfer services in real-time.

 

MANAGE

and monitor your cloudAshur device centrally

The future  of cloud data security

cloudAshur is the perfect solution for anyone wanting to securely store, share, manage and monitor data in the cloud. cloudAshur eliminates the security vulnerabilities  that exists with cloud platforms, such as lack of control and unauthorised access. Hackers and vulnerable users. Human error is also prevalent amongs data leakage incidents.

The consequences of a cloud account being  hacked can bring  about theft and leakage of confidential data, leading to potential job losses, adverse publicity, hefty fines and downfall of business.

On-device Crypto-chip

Offering 100% real-time military grade AES-XTS or AES-ECB 256-bit Hardware Encryption with FIPS PUB 197 certified USB 3.0 encryption controller.

Uniquely incorporates Common Criteria EAL4+ ready secure microprocessor

Which offers ultimate security against hackers, detecting and responding to tampering with features such as:

- Dedicated hardware for protection against SPA/DPA/SEMA, DEMA attacks - Advanced protection against physical attacks, including Active Shield, Enhance Protection Object, CStack checker, Slope Detector and Parity Errors - Environmental Protection Systems protecting against voltage monitor, frequency monitor, temperature monitor and light protection - Secure Memory Management/Access Protection

Five Factor authentication

Something you have

  1. The cloudAshar hardware security module.

Something you know

  1. 7-15 digit Admin/User configurable PIN
  2. Username and Password foe the  iStorage   cloudAshur  Windows or macOS client app.
  3. Where the data is stored, which cloud provider.
  4. Username and password for the cloud account.

BRUTE FORCE HACK DEFENCE MECHANISM

Intelligently programmed to protect against all forms of brute force attacks.

If the User PIN is entered incorrectly 10 consecutive times, the User PIN will be deleted and the drive can only be accessed by entering the Admin PIN in order to reset the User PIN. (Admin can change this from the default 10 incorrect PIN entries, to 1-9, for the User only)

If the Admin PIN is entered incorrectly 10 consecutive times, all PINs and the encrypted encryption key will be lost forever.

1. LED lights
Red – standby state
Green – User mode
Blue – Admin mode
2. Polymer coated, wear resistant, alphanumeric keypad
3. Common Criteria EAL4+ ready secure microprocessor
4. Epoxy coating
5. Hard anodized and ruggedized extruded aluminium housing
6. Key button
7. SHIFT button
8. Zinc alloy (can be attached to keyring)
9. Rubber gasket

Making the module waterproof when sleeve is fitted

FIPS Level 3 compliant tamper proof & evident design

All critical components within the cloudAshur enclosure are covered by a layer of super tough epoxy resin, which is virtually impossible to remove without causing permanent damage to the critical components.

If breached, the cloudAshur modules tamper evident design will provide visible evidence that tampering has occurred.

One-time User recovery PIN

The Admin can program the cloudAshur with a one-time recovery PIN. This is extremely useful in situations where a User has forgotten the PIN to authenticate the cloudAshur.

This feature allows the User to enter the Recovery PIN and configure a new User PIN.

User PIN enrolment

The Admin can set a restriction policy for the user PIN. This includes setting the minimum length of the PIN, as well as requiring the input of one or more ‘Special Character’ if needed.

The ‘Special Character’ functions as ‘SHIFT

+ digit’

Whitelisting on networks

Configured with a unique VID/PID and internal/external serial number with barcode, allowing easy integration into standard end-point management software (white-listing), to meet internal corporate requirements.

cloudAshur KeyWriter (Patent Pending)

Makes sharing of data in the cloud, via email and file transfer services between authorised users a breeze with ultimate security and peace of mind!

 KeyWriter features

iStorage KeyWriter copies all critical security parameters including the randomly generated encryption key and all PINs between the Master cloudAshur module and as many secondary cloudAshur modules as required using any off the shelf USB hub, allowing authorised users to securely share data with one another, in real-time, regardless of their location.

The critical security parameters never leave the cloudAshur module and are stored in the Common Criteria EAL4+ ready secure microprocessor.

The process of copying the encrypted encryption key and all critical credentials between the Master cloudAshur module and the secondary cloudAshur modules is protected by a secure protocol incorporated within the iStorage cloudAshur secure microcontroller. The protocol is implemented using cryptographic algorithms, all of which are FIPS certified. Every cloudAshur has a unique certificate issued by a root of trust, which ensures that only iStorage cloudAshur modules can be used during the key exchange process.

The cloudAshur modules never output the established session key when running the secure protocol and the sensitive data being copied is only decrypted in the validated recipient cloudAshur module. The iStorage KeyWriter software running on the PC coordinates the operations required by the secure protocol, however the software has zero visibility of both the session key and decrypted data, making it impossible for a hacker to access or retrieve any critical security parameters stored within the cloudAshur module.

cloudAshur KeyWriter and Remote Management console applications are not included. Prices TBC.

cloudAshur Remote Management
Gives you full control of all cloudAshur hardware security modules deployed within your organisation offering a wide range of features to manage all users.

Key features
iStorage Remote Management Console provides the Administrator full visibility and control over the following:

Temporarily disable or reset (remote kill) Users cloudAshur modules – in the event of suspicious activity or an employee leaving the organisation without returning their cloudAshur encryption module.

Restrict file types – control what file types are being uploaded and shared in the cloud (EXE, PNG, PDF, etc…) View User’s log files – full visibility over what each User is doing in the cloud, such as, what files they are uploading, downloading, modifying, etc…

Display User’s location – You can view the location of User’s cloudAshur modules via an on-screen map.

Geofencing and Time fencing – restrict the time and location of where and when the cloudAshur encryption module can be used by each individual User.

iStorage Remote Management Console is compatible with Windows (Vista/7/8/10).

cloudAshur KeyWriter and Remote Management console applications are not included. Prices TBC.

The key to your data™

Now available for pre-order!

Pre-order

or

Register Your Interest