SecureDoc

 Contact Us  

SecureDoc Disk Encryption

Netrust's SecureDoc Disk Encryption from WinMagic Inc. comprehensively protects data on your disks. The software protects information within a desktop or laptop in case it is lost or stolen, and also controls access to the computer preventing external attacks as well as internal breaches.

The two main features of SecureDoc are as follows:

  1. Full Disk Protection
    SecureDoc simply encrypts all data written to the disks, leaving no chance of sensitive data leaking to temporary files. After an initial conversion, which encrypts existing data, your data on disks is AT ALL TIMES encrypted, even if the power goes out while you are working. Having even Windows system files and Windows registry encrypted, SecureDoc users do not have to consciously encrypt files or save them to certain encrypted folders to have them protected.

  2. Access Control
    You can access the data on the protected disk only if you have the proper authentication (password and key file). Your PC or notebook may be lost or stolen, but the information stored on its secured hard disk will remain inaccessible to prying eyes.

Other features include:

  • Transparent and Automatic Operation
    •
    After the initial setup, SecureDoc is completely transparent. You can work without having to worry about the encryption/decryption process. The computer will do it automatically, each time you access the disk. Also, Users do not have to learn any new applications or procedures except to enter a password to boot the PC.

  • Robust Error Handling Capabilities

    • If something goes wrong while SecureDoc is in the process of encrypting or decrypting a disk (e.g. power failure or a floppy disk is accidentally removed), restart the process. SecureDoc will pick up where it left off, and your data will be safe.

  • Minimal Memory Overhead

    • Disk encryption is the most powerful method for encrypting data. Minimal memory overhead on the disk is required and the CPU efficiency is maximised. This translates into fast, space efficient encryption for you.

  • Wide Range of Platforms

    • SecureDoc supports Windows 95/98/NT4.0/2000/ME and XP.
    SecureDoc can encrypt FAT, FAT32 and NTFS drives. It is compatible with most disk utilities such as anti-virus, boot manager, disk imaging, defragmenter software. Folder encryption software such as Entrust ICE or Windows 2000/XP Encrypting File System EFS can work on disk encrypted by SecureDoc. SecureDoc works with removable drives such as floppy disks, ZIP, and JAZ drives, IBM MicroDrives.

  • Two-Factor Authentication

    • SecureDoc provides a much higher level of security than conventional password-based encryption products. You can store your key file on a floppy disk and either take it with you, or store it in a safe place. You need the password to access the Key File and the Key File to access the encrypted disk.

  • Secure Screen Saver Disk Lock

    • Normally, an auto-run CD tool available on the market can bypass Windows Screen Saver. The hacker can then access your computer data and then put the screen saver back on before leaving. SecureDoc can lock the CD-ROM drive(s) read/write access to prevent this attack. Doing so also disables your CD drive access over networks and from the Internet.

  • Support of Hardware Tokens

    • Designed based on the popular PKCS-11 standard, SecureDoc is equipped to be readily integrated with hardware tokens (Smart Card, USB devices, Biometrics) and Public Key Infrastructure. SecureDoc also works with Datakey 330 PKI tokens and SafeNet smart cards.

  • Architectural Standards

    • SecureDoc is designed based on the PKCS #11 standards. Because of them, SecureDoc can easily facilitate integration with other products such as:
    - Smart Cards for use in Electronic Commerce,
    - PCMCIA cards, biometric devices, and other hardware tokens
    - hardware accelerators,
    - Applications such as Email, browser and Public Key Infrastructure applications.
    SecureDoc can also be expanded to work with Microsoft CryptoAPI.

  • Security Design

    • SecureDoc is designed with all security safeguards in mind. Patent pending technology protects data without system degradation, yet provides a seamless, user-friendly encryption solution. For example, thoughtful design provides protection against plain text attacks for information on sectors with the same data.

  • User-Interface

    • SecureDoc emphasises ease of use. It does not employ DOS programs (unlike some other disk encryption software that were simply migrated from old DOS software). Configuration is simple and easy to understand.

  • Integrated Drive Locking

    • Drive locking is an important feature that you can use to disable read/write access to individual disks. The advantages of this feature help you protect against file deletion, stop your sensitive data from being copied onto floppy disk, prevent the propagation of viruses, block attacks from the internet and prevent malicious tampering of sensitive files.

  • Password/Key File Backup and Recovery

    • A backup Key File can be created which contains your encryption Keys and requires no password. This file can help you log in to SecureDoc even if you forgot your password or have trouble with logon because you made a mistake when changing your password.

  • Password Rules

    • Allows Enterprises to enforce password rules. Users must set up personal passwords that conform to in-house security policies and practices.

  • Encryption Algorithms Used

    • SecureDoc uses Triple AES (256 bit), 3DES (168 bit), DES (56 bit) and CAST-128 encryption algorithms. SecureDoc uses the SHA-1 and RIPEMD 160 hashing algorithms.

  • Protected Multi-Users for Shared Computers

    • An unlimited number of users can be issued individual keys to access a single computer. User may utilize personal keys (password) and/or Smart-Card integration.

  • Audit Trail for Unsuccessful Log-in Attempts

    • Records unsuccessful log-in attempts to keep track of possible security breaches.

  • Fully Customisable Text & Colour Screen at Boot Logon

    • Users can choose the language, text and colour (foreground/background) of their preference.


Also available for SecureDoc is the Central Database Control Centre (optional but recommended for large deployment):

    Enterprise Version

  • SecureDoc Central Database
    SecureDoc Central Database lets administrators manage users' profiles and keys. The central administrators can set users' privileges such as disk re-encryption, decryption, select or modify disk assesses, password rules. The central administrators have assess to all PCs; this guarantees the ability to recover data in case an employee forgets password, loses the smart card or leaves the company.

  • Remote Installation
    Central Administration allows remote installations. This installs and sets up all users' PCs through the network without the time-consuming administration work on each individual PC. Users can be working while the initial disk encryption (conversion of existing data to be encrypted) is taking place in the background or the admin can run the whole setup during the night without being at the workstation using software distribution tools such as Microsoft SMS, Novell ZENWorks, Tivoli etc...

  • Password Recovery System
    Remote one-time password key recovery allows a user, who has forgotten his or her password, to log on his or her PC. The help desk can issue a one-time key to unlock the password in a special challenge-response way so that a potential attacker even if he has intercepted the key transmission would not pose a threat.

  • Audit Log
    All the events are logged into an audit log. Audit logs allow administrators to monitor and analyze possible attacks or users' actions.


In addition, through third-party validation, WinMagic has been able to ensure the robustness of their products. WinMagic has made SecureDoc source code available to several credible third party validation bodies:

    Certification, Formal Evaluations

    1. Source code validation is the only way to verify that a product does not have (vendor) back doors. Bruce Schneier, world-renowned crypto-analyst and creator of the BlowFish and TwoFish algorithms (a final AES candidate) has reviewed and crypto-analyzed SecureDoc source code. Bruce has verified the strength of SecureDoc's construction, and testified that there are no security holes.

    2. SecureDoc has undergone strict tests required by the Common Criteria Evaluation and Certification Scheme for security software. These standards are recognized and endorsed by 13 countries, including the United States, U.K., Germany, and Canada. All testing takes place in high-quality, controlled facilities accredited to ISO/IEC Guide 25 specifications (guidelines for the testing IT security products and systems). The results of the evaluation are that SecureDoc is a secure product that in fact has all of the security features and strengths as laid out in its documentation. In addition, SecureDoc is one of the very few disk encryption products, if any, to receive Cryptographic module Validation Certificates for DES and triple DES from the National Institute of Standards and Technology (NIST).

    3. SecureDoc cryptographic engine has been submitted to FIPS 140-1 level 2 validation. The United States Congress requires the entire Federal government, including federal contractors, to use FIPS 140-1 certified cryptographic devices when they exist. SecureDoc, with an even higher level 2 validation, will satisfy this requirement for a broad class of government security implementations.


 In Summary, SecureDoc's encryption offers more security and adaptability. SecureDoc disk encryption employs advanced encryption concepts, enabling complete data protection. SecureDoc also facilitates computer access control and works automatically and transparently.

 

For more information on our range of products and services, visit www.netrust.net or click here to contact us.
If you wish to speak to our Sales Consultants, please contact 62121385