IronKey Encrypted Flash Drive

Your IronKey is literally packed with the latest and most secure encryption technologies, all enabled by the powerful onboard Cryptochip. Rather than employing "homegrown" cryptographic algorithms that have not undergone rigorous cryptoanalysis, IronKey follows industry best practices and uses only well-established and thoroughly tested cryptographic algorithms.

All of your data on the IronKey drive is encrypted in hardware using AES CBC-mode encryption.

Encryption Keys

The encryption keys used to protect your data are generated in hardware by a FIPS 140-2 compliant True Random Number Generator on the IronKey Cryptochip. This ensures maximum protection via the encryption ciphers. The keys are generated in the Cryptochip when you initialize your IronKey, and they never leave the secure hardware to be placed in flash memory or on your computer.

Always-On Encryption

Because your IronKey implements data encryption in the hardware Cryptochip, all data written to your drive is always encrypted. There is no way to accidentally turn it off or for malware or criminals to disable it. Also, it runs many times faster than software encryption, especially when storing large files or using the on-board portable Firefox browser.

Two-Factor Authentication

Beyond simply protecting the privacy of your data on the IronKey flash drive, the IronKey Cryptochip incorporates advanced Public Key Cryptography ciphers that allow you to lock down your online IronKey account. That way you must have your IronKey device, in addition to your password, to access your online account. This highly complex process runs behind the scenes, giving you state-of-the-art protection from phishers, hackers and other online threats.

Online authentication, the process of remotely identifying and verifying users, is an integral part of IronKey's security architecture. As it pertains to computer security, authentication works to verify a user based on his digital identity credentials.

IronKey brings a whole new level of authentication to your Internet experience, giving you the upper hand in the cybersecurity arms race.

Password Protection

It starts with the onboard IronKey Password Manager. As you visit your online sites, the Password Manager will ask you if you want it to remember your usernames and passwords. These are then stored with hardware encryption on the IronKey drive.

When you wish to log back into one of your accounts, the Password Manager compares the website that you are visiting with the website where you originally entered your password. If they match, the Password Manager enters your password for you without you having to type it in. If they do not match, then you may be on a phishing site, and the Password Manager will not enter the password for you.

This gives you simple but effective protection against phishing attacks and spyware that tracks your keystrokes.

Strong Authentication

Your IronKey supports advanced cryptographic authentication using strong PKI key pairs generated in the IronKey Cryptochip. When you log into my.ironkey.com from your device, it uses these unique keys as your digital identity credentials. This locks down your account so that you must have both your IronKey and your password in order to gain access. In other words, no one but you can access your online IronKey account, even if someone stole your IronKey or your password. As banks and other websites begin to deploy two-factor authentication, they will allow you to use a username, password, and an IronKey or other authentication device to ensure that only you can log into your account.

Secure Access to my.ironkey.com

You can manage your IronKeys and security settings on my.ironkey.com. The my.ironkey.com website requires strong authentication for full access. This ensures that people cannot get onto your account without having your password AND your IronKey. In the event that you ever lose your IronKey, you can still access the site in Safe Mode: a restricted mode with limited functionality. This is useful for marking your IronKey as lost, or recovering a forgotten password.

Accessing my.ironkey.com without your IronKey entails additional authentication methods used at some of the world's largest financial institutions:

Mutual Authentication
Mutual authentication, where a secret image and phrase are shown before you enter your password, is used to assure you that you are at the actual IronKey site and not a phishing site. Similarly, all emails sent to you regarding your IronKey account use mutual authentication so that you can be confident the email is really from IronKey before you open the email.

Real-Time Fraud Heuristics
A real-time anonymized data analysis is run every time you attempt to login without your IronKey. If any factor looks suspicious or corresponds with known fraud indicators, supplemental authentication, such as secret questions, may be used to further verify your identity claim.

Out-of-Band Authentication
Out-of-band authentication, such as when verification codes sent via email, is used to raise the bar and make online attacks all the more difficult. This gives you added peace of mind in knowing that it takes more than just a simple password to access your account.

For those concerned about online security threats like man-in-the-middle attacks, there is a whole new way to surf the Web: using IronKey's Secure Sessions service and the Firefox browser already installed on your IronKey.

This allows you to safely connect to your favorite websites, even public computers, and tunnel through unprotected wireless networks and snooping ISPs.

Surfing the Web Safely

With IronKey's Secure Sessions Service, your Web communications travel through an encrypted tunnel on the Internet to our network routing servers and eventually out to your destination website. This approach works just like an instant VPN (virtual private network), but is portable, so you can use it on other computers without having to install and configure complicated software.

Since IronKey controls the server your traffic will exit from, you get the benefit of additional online protection. IronKey performs a check to ensure that your traffic goes to the actual destination site using known DNS databases. It will also check to make sure that it is not a known phishing site. These anti-pharming and anti-phishing methods give you the latest in online protection.

This gives you simple but effective protection against phishing attacks and spyware that tracks your keystrokes.

Surfing the Web Privately

Not only does IronKey's Secure Sessions service encrypt your online communications, but it provides a layer of anonymity to protect your identity and confidentiality. Websites will no longer be able to see your IP address or know where in the world you are coming from because it will appear as though you are coming from one of IronKey's Tor servers instead of from your computer. And you can easily change which country your Web traffic is coming from at any time.

To protect your privacy, IronKey has extended Tor technology originally sponsored by the US Naval Research Laboratory. IronKey's Secure Sessions Service sends your Web traffic through multiple network routing servers before decrypting it on an IronKey server and sending it to the destination site. This makes it virtually impossible to track who is going where or correlate your surfing to your computer.

Optimized for Speed

IronKey's Secure Sessions Service uses complex routing algorithms and high performance Tor servers to ensure an enjoyable web experience. This is done without requiring identifiable information that could be tied back to an individual user or IronKey device. And, you can easily and quickly disable the service by clicking a button right in the browser, which is handy when security and privacy are not important but data transfer speeds are.

Protecting your data and privacy requires more than just encryption-adequate security policies and threat mitigation are essential.

The IronKey has been designed from the ground up with security in mind. A combination of advanced security technologies are used to ensure that only you can access your data. You can rest assured that your data is protected when you carry an IronKey.

Locking Your Device with a Password

When you first initialize your IronKey, you create a password for that device. This password must be entered after you plug your IronKey into a computer's USB port. The encrypted drive will only mount and be accessible if the password is correct.

To prevent unauthorized people or crimeware (malicious software such as viruses and Trojans) from gaining access to your encrypted drive, the IronKey prevents password guessing attacks (e.g. brute-force or dictionary attacks). After 10 incorrect password attempts (and ample warnings), the IronKey locks out all further password attempts. It initiates a patent-pending self-destruct sequence that securely and permanently erases your encryption keys and data. You can use IronKey's Secure Backup software to restore your backed-up data to a new IronKey.

Hardware-Level Security

Hardware-based encryption systems can be vulnerable to brute-force attacks if they store a counter in the flash memory. The attacker simply rewinds the counter after every attempt. It is then only a matter of time before the system is cracked. To mitigate such a threat, the IronKey uses a separate cryptographic processor (the IronKey Cryptochip) with its own internal password guessing counter. This counter is not stored in the flash memory, so is not vulnerable to memory rewind attacks.

Preventing Physical Attacks

This IronKey Cryptochip is hardened against physical attacks such as power attacks and bus sniffing. It is physically impossible to tamper with its protected data or reset the password counter. If the Cryptochip detects a physical attack from a hacker, it will destroy the encryption keys, making the stored encrypted files inaccessible.

IronKey has gone all-out to protect your data, identity, and privacy. In addition to IronKey's fortified hardware, software, and network security architecture, the IronKey is designed so that it cannot be physically tampered with or disassembled by a determined hacker.

Whether you are storing your secret recipes or highly confidential corporate files, and whether you have your IronKey in hand or someone stole it, you can rest assured that your data will remain safe.

Potted Metal Casing

Your IronKey is encased in a rugged metal housing, not plastic. This makes it one of the strongest USB devices you can buy. Whether it is dropped, thrown or run over, it is built to survive the needs of today's mobile lifestyle.

The interior of your IronKey is filled solid with an epoxy-based potting compound. This seals in all the components and prevents the IronKey from being crushed, even under extremely high pressure. The process of trying to remove encrypted data from the flash chips will be extremely difficult, time-consuming and almost certainly destroy the chips and connections inside. Such an attempt would cause permanent, noticeable damage.

Waterproof

The IronKey has tested, passed, and exceeded military waterproof standards (MIL-STD-810F). You need not worry if you send your IronKey for a swim in the pool or a trip through the washing machine-it is built to last.

Tamperproof

Your IronKey is numerically stamped with a unique serial number. You can also personalize your IronKey by writing your name or some other secret code identifier on the back. If someone were to replace your IronKey with a fake one, you could tell by examining the backside for forgery.

Besides potting the insides of the device, IronKey uses tamper-reaction technology in the Crypochip itself. Key storage areas are protected with thin-film metal shielding. The chip itself defends against power attacks and other invasive attacks such as using an electron microscope to scan the onboard memory. It will self-destruct when it detects such an attack.

It's your strongbox for storing your most private information, passwords, and files.

$8 S&H with insurance will be added to each order.

($79.00) 1 GB Secure Flash Drive with 1 Year of Internet Protection






($109.00) 2 GB Secure Flash Drive with 1 Year of Internet Protection







($149.00) 4 GB Secure Flash Drive with 1 Year of Internet Protection