proudly presents WinMagic’s SecureDoc

Jens Albrecht, Dipl. El.-Ing. FH

CEO

Sumpfstrasse 32 – 6300 Zug – Switzerland – www.insinova.ch

Last modified 29. September 2010

Agenda

insinova + WinMagic, References

SecureDoc Disk Encryption

SecureDoc File & Folder Encryption

WinMagic Company Profile

Headquarters – Mississauga, Ontario Canada, just outside of Toronto

Canadian Federally registered Private Corporation

Founded in 1997, WinMagic develops Disk Encryption Software

Ca. 80 employees

WinMagic’s Industry Certifications

FIPS 140–1 Level 2 accreditation from NIST / CSE

FIPS 140–2 Level 1 and 2 accreditation from NIST / CSE

AES 256 certification by NIST

Common Criteria Evaluation EAL1, EAL4

DoD Certification for the CAC Card and PKI

Swiss References (SecureDoc) Abraxas Informatik AG

AO Foundation

AWD Allgemeiner Wirtschaftsdienst AG

Bundesamt für Informatik und Telekommunikation (BIT: ESTV, Oberzoll Direktion)

Cendres & Métaux SA

Departement Verteidigung, Bevölkerungsschutz und Sport (VBS, DoD)

Datenschutzbeauftragter des Kantons Zürich

Energie Wasser Bern

Finanzdirektion des Kantons Zürich

Hawa AG

Hochbaudepartement der Stadt Zürich

INSERTO AG

JOWA AG

Kanton Aargau

Kanton Genf (Etat de Genève)

Klinik Hirslanden AG

Landert Motoren AG

maxon motor ag

MIDOR AG

STUDER CABLES

SUVA

Swiss Life

Telecom Liechtenstein AG

V-ZUG AG

Disk vs. other Encryption Methods

Disk Encryption with SecureDoc

e.g. SecureDoc Disk Encryption

Pre-Boot-LogOn (fully customizable)

1024*768, 16 bit BMP

Pre-Boot-LogOn (Military TabletPC Touch Screen)

User Friendly

Fully transparent to the user – With the exception of authentication at boot logon, user is not aware that their entire disk is encrypted therefore no training is required to get the user up and running effectively

FAST (FIPS - AES version converts 30 GB disk in less than 1 hour)

Conversion tolerates interruptions

Supports international keyboard layouts

SecureDoc’s Extensive Compatibility

Windows XP/ 2008 / Win 7 / VMware

Linux / Mac OS X 10.6.x

FAT16, FAT32, NTFS

Hard Disk, USB-Stick/Disk, Files & Folders

Disk Utilities like Imaging Software

No problems with Anti-Virus Software

Works with Microsoft compression as well as other file and folder encryption products

Supports HIBERNATION mode

Danger of “Master Password”

Other Encryption products use the “Master Password” concept to Administer key files

What happens if the master password is compromised?

Be aware of key files from vendors which maintain proprietary format or legacy codes – these master passwords leave gapping holes and create security issues.

Client setup & administration

Client installation by MSI or EXE

Restarts during setup can be switched off

SecureDoc Commands execution by script

Encrypted disks can be cloned (GHOST /IR)

Deinstallation by script

SecureDoc Key File Concept

Protection Possibilities

Password

Windows Password Synchronization + SSO

Token (Smart Card or USB-Token) plus PIN

Token plus Biometrie

No MS GINA Replacement!

PKI & Token Support

PKI Support

SecureDoc uses your X.509 certificate to protect your disk.

This eliminates the weakness of a password as well as reduces support calls related to passwords.

Removable Media Encryption

SecureDoc Media Viewer for free for computers without SecureDoc installed

Enterprise Server 4.9

Administrator’ s tool box

Set up of Administrators and End-User Rights, Profiles, Keys and Password Rules

Easy Roll-Out by Remote Installations

Challenge-Response Function

Communication to the Notebooks by TCP/IP

Audit Logs and Reports

LDAP and CSV support for Importing Users

Uses SQL database

Enterprise Server Administration

Enterprise Server Profile Administration

Enterprise Server Profile Administration

Supports all foreign keyboard layouts

Enterprise Server Profile Administration

SecureDoc Commands

Administrators can execute commandson the notebooks after the installation.

Use Challenge-Response

1.

2.3.

4.

5.6.

Notebook

Challenge-Response Authentication Questions

1.

5.6.

Disaster-Recovery

1.

5.6.

In case of corrupt OS, e.g. Windows Blue Screen, it is possible to gain access to the encrypted disk by using the SecureDoc BartPE Recovery CD which contains the SecureDoc drivers. After the successful authentication important files can be copied to a targed destination.

SecureDoc File & Folder Encryption

1.

5.6.

Encrypt / Decrypt with intuitive functionality in “dragging and dropping” and right click menu support

Automatically encrypt and protect files by dragging them into encrypted folders

Transparent encryption of files regardless of application

Manageable locally and centrally by SecureDoc Enterprise Server

Protect transmission of documents by automatically encrypt them first

Single Sign-On with Windows login

SecureDoc File & Folder Encryption

1.

5.6.

SecureDoc File & Folder Encryption

1.

5.6.

SecureDoc File & Folder Encryption

1.

5.6.

www.insinova.ch

www.securedoc.ch

www.winmagic.com

insinova ag

Sumpfstrasse 32

CH-6300 Zug