A U.K.-based company has unveiled a solution that may make it possible to use the cloud without concerns that data may be vulnerable. iStorage, a company known mainly for its series of encrypted drives, has introduced cloudAshur, a cloud data security solution that takes more precautions than many other products. As a result, the company claims that users can securely store, share, manage and monitor data in the cloud without security worries.
The solution uses a five factor authentication process, which includes not only the cloudAshur hardware security module but the user’s own configurable PIN, username and password for the iStorage cloudAshur app. The module encrypts all data in transit and at rest, using a FIPS-certified AES 256-bit encryption key stored in a dedicated iStorage secure microprocessor. The user retains control of the encryption key on the device.
All of these features are game-changers, says John Walker, a London-based cybercrime expert. Five-factor authentication, for example, includes something you have (the USB device), something you know (the PIN to the USB key), something else you know (access to the associated service password), something else you know (the cloud location), and yet something else you know (the account credentials and password to the logical location).
“The testing conducted against this device has gone well beyond attempting to guess the key sequence,” he said. “The core technology of all iStorage devices has also been subjected to penetration testing and attack at the lower levels of the operating stack, including physical tampering, all of which proved that robust security is provisioned.”
While this level of security can create significant peace of mind, it can also get in the way of easy access for authorized users. But that’s just a necessary evil, Walker says.
“All such security gets in the way of easy access to the stored personal, sensitive and business-related assets, but if it’s not in place, and it’s easy for the data owner, it’s also easy for other unauthorized parties to access. Sadly, we live in a world proven to be plagued with insecurity--where the cloud is one of the most insecure, easiest pickings of all.”
The cloudAshur device comes with the iStorage KeyWriter, which facilitates the sharing of data in the cloud via email and file transfer services, and between authorized users. Because iStorage KeyWriter copies all critical security parameters, including the randomly generated encryption key and all PINs between the master cloudAshur device, the technology allows users to securely share data in a real-time bidirectional manner, regardless of location.