IronKey Technology- Self DefendingThe World's Most Secure Flash Drive
When you first initialize your IronKey device, you create a password. From then on, the encrypted drive will only mount and be accessible if the correct password is entered. Additionally, to ensure that hackers or malware cannot compromise an IronKey it employs a number of self–defenses.
Stops Password Attacks
Even hardware–based encryption systems can be vulnerable to brute–force attacks if they store a password attempt counter in the flash memory. The attacker simply rewinds the counter after every attempt. It is then only a matter of time before the system is cracked—as readily available software and hardware allow the hacker to hammer at the device with tens or hundreds of thousands of guesses every minute. To mitigate such threats, the IronKey uses its own internal password guessing counter from the IronKey Cryptochip. Since counter is not stored in the flash memory, it is not vulnerable to memory rewind attacks.
In addition, IronKey drives are designed so that after a set sequential number of incorrect password attempts (and ample warnings), the IronKey locks out all further password attempts and initiates a patent–pending self–destruct sequence that securely and permanently erases your encryption keys and data. IronKey Enterprise drives allow the administrator to customize the policy for the allowed number of failed attempts.
Protection from Untrusted Hosts
Occasionally, you may need to use your IronKey drive on a host computer that you cannot say for sure is a trusted computer. For example, you may not know if it has up–to–date anti–virus software.
IronKey provides an onboard virtual keyboard applet to defend against keyboard logger malware that might attempt to steal your password. The virtual keyboard lets you bypass the touch–typing keyboard and use the mouse to click the letters in an onscreen keyboard diagram. The diagram can even be randomized so the pattern of your clicks can't be analyzed.
IronKey devices also self–defend against other malware and virus threats by providing an option to open the drive in Read–Only mode. This will ensure that a virus cannot infect your IronKey by modifying your files or writing new files to the drive.
Unprotected removable media can potentially become carriers for viruses and other types of malware that attach themselves to the AutoRun files. IronKey devices protect against AutoRun malware by performing an integrity self–check to ensure that the device's AutoRun files have not been modified. If the integrity check fails, the IronKey will temporarily disable the AutoRun mechanism, remove the files, and restore the original, pristine AutoRun file.
Trusted Update Mechanism
A unique capability of IronKey devices among secure USB drives is their ability to be updated in the field. This allows drives to receive software patches and feature updates without having to return the drive to administrator. IronKey assures the drive update process stays secure and prevents malware from exploiting the update mechanism by authenticating signatures on the update image to guarantee the update comes from IronKey.