Kanguru's Remote Management System provides world-class security for your fleet of USB devices worldwide.

Kanguru upgrades KRMC Enterprise to new 5.0

We are very excited about the significant enhancements we’ve made to our Kanguru Remote Management Console (KRMC)  Enterprise version 5.0.  Organizations will be very impressed with the many great new features and security developments this new upgrade has to offer.

Kanguru continues to innovate and provide confident security products to help exceed government, financial and healthcare security standards, and the new KRMC Enterprise 5.0 is no exception.  This upgrade makes Kanguru’s Remote Management tool the most powerful, industry-leading management application for secure USB drives.  KRMC provides System administrators and security officers with complete control to manage sensitive data on multiple USB devices worldwide and significantly reduces associated support costs with the ability to:

• Track and manage USB drives worldwide
• View and export detailed reports on compliancy and set policies
• Disable and delete lost or stolen devices
• Set up online and offline permissions
• Notify users and roll out policy updates
• Schedule password changes
• Enforce strong password rules
• Restrict drives to trusted IP address or domain
• and more…

Along with KRMC Enterprise great original features, organizations will be impressed with the enhanced navigation and menu tools and powerful new reporting features KRMC Enterprise Version 5.0 provides, such as:

• Breadcrumb navigation options
• Enhanced menu systems
• Advanced administrator roles
• Save and load searchable filters
• Section shortcut links for quick access
• Advanced exporting of audit end log data
• Universal intelligent installer
• and more…

View and export detailed reports to see which drives are compliant with set policies and notify those that are not so that the drives may be brought into compliance.  The non-compliant drives can be remotely updated, locked out or even deleted if the administrator so chooses.

If you would like learn more about Kanguru’s new KRMC Enterprise Version 5.0,  feel free to contact us at 888-526-4878, or if you would like to fill out this short form request we’d be glad to send you more information.

www.kanguru.com

From April 2 thru April 5, Kanguru will be attending both conferences simultaneously, displaying several innovative products like the FIPS 140-2 Certified Defender Series, The new Virtual Defender for portable computing, and our incredibly powerful Remote/Central Management capabilities. If you happen to be attending either conference in Orlando, Florida, or Washington, DC during this week, you won’t want to miss our booth!

Among the most pioneering is the Kanguru Defender Series, with the only FIPS 140-2 Certified flash drive in process for Common Criteria EAL2+, designed to exceed the highest government and security standards. Learn how you can secure your most sensitive data in complete confidence, and comply with even the most stringent of regulatory standards and security laws.

Get a sneak-peak at Kanguru’s upcoming launch, the Virtual Defender, a robust break-through in portable computing and remote access.

You will also have the opportunity to learn more about Kanguru’s revolutionary Remote/Central Management software, the most powerful security application designed to remotely manage a fleet of Kanguru USB storage devices from anywhere in the world.

Kanguru Exhibitors will be on-hand to answer all of your questions, demonstrate product, and share more about how Kanguru Solutions is making it easier than ever for you to meet and exceed strict government requirements and security regulations.

Stop by our booth at either location below if you happen to be attending. We look forward to seeing you there!

FOSE 2012: April 3rd – April 5th, 2012
Kanguru Booth #307
Walter E. Washington Convention Center
Washington, D.C.

InfoSec World Conference and Expo 2012: April 2nd – April 4th, 2012
Kanguru Booth #605
Disney’s Contemporary Resort
Orlando, FL

In today’s high-tech world of Information Technology, and stringent government regulatory laws, you wouldn’t think about securing important sensitive data with anything less than perfect security storage devices.  You may have seen certain Kanguru devices that have been FIPS 140-2 Certified and Common Criteria EAL 2+, and you might be a bit confused as to what that is.Well, as a manufacturer of highly-secure storage products, Kanguru takes data security very seriously, and adheres to governments’ most stringent regulations.  Kanguru is dedicated to ensuring that its customers and purchasers of secure IT products are provided with legitimate devices built on best practices.  FIPS and Common Criteria are the main governing standards regarding information technology product security, with many levels of complexity and depth that can be confusing to many. You may wonder what exactly are these governing regulations, how do they compare to each other, and why do they matter?  Here’s a simple look at FIPS and Common Criteria standards and how Kanguru pursues them to equip their customers with first-class products.

FIPS 140-2

FIPS 140-2, or Federal Information Processing Standard 140-2 is a set of security requirements for cryptographic modules.  FIPS 140-2 is overseen by CMVP (Cryptographic Module Validation Program) which is a  joint effort mandated by both the United States and Canadian governments.  CMVP is a partnership put in place by NIST of the United States, and CSEC of Canada.  There are four increasing levels of security (levels 1-4) as well as several specific certifications within FIPS (FIPS 197, etc), each level achieving a higher concentration of certain criteria by the federal government, depending on the level of security and quality of testing necessary.  The areas of concentration include basic design and documentation, physical security measures, cryptographic algorithms, module interfaces, and so on.  The National Institute of Standards and Technology (NIST) reviews their FIPS standards every five years, and their standards have been adopted by the Canadian government’s Communications Security Establishment (CSE), as well as many other countries and institutions.

By achieving the security requirements of the FIPS 140-2 Cryptographic Module, Kanguru demonstrates recognized security and proficiency which government and commercial customers can rely on.  Through discriminating examination, rigorous testing, and analysis,  Kanguru has demonstrated that it’s certified products meet these quality standards for data security.  Where FIPS level 1 usually focuses on software or very basic hardware modules, Kanguru has met or exceeded FIPS level 2 requirements based more on hardware, developing a highly-robust and easier-to-use security product for our customers.   Kanguru’s Defender Series, for example, needs no software installation, as the encryption is built right into the hardware.  But it might be interesting to note that despite the good intentions of the FIPS process, it is a strict evaluation of cryptographic modules and it may still be possible for a FIPS Certified product to miss other components within the entire product set, making it vulnerable to certain security breaches.  That’s why as experts in the industry, Kanguru takes their standard one step further by pursuing Common Criteria as well.

Common Criteria

The Common Criteria for Information Technology Security Evaluation is another accreditation process adopted by over 24 different certifying nations through the CCRA (Common Criteria Recognition Agreement).   Under the National Information Assurance Partnership, (NIAP), which is a branch of the Department of Defense, Common Criteria has a much wider review process of overall product design and functionality than FIPS, and covers the product from its inception, to final product and overall use.  It takes an all-encompassing look at the software, hardware, and  firmware of a device, as well as the overall development process of the product set from birth to commercial release.  Ultimately, nearly every aspect and process which goes into the design, development, release, and support of a product is reviewed and scrutinized.  Common Criteria evaluations can be a very costly and time-consuming process, but the results are a remarkably powerful and secure product.  This complex evaluation process involves several testing labs and governing authorized members to oversee that certain security and functionality standards are met.  Like FIPS, there are several levels of achievement based on the level of complexity, security and functionality necessary.  Evaluated by levels of intensity of 1 through 7, Common Criteria tests products anywhere from a range of secure, to full-fledged national security standards.

By pursuing the EAL 2+ level Common Criteria process, Kanguru’s devices surpass all others in the secure, portable storage market.  This is where the “rubber meets the road” when it comes to developing high-end security devices, ensuring a complete testing process, and the highest of standards in data protection are met.   In Kanguru’s Defender Series for example, the Defender Elite along with other Kanguru product sets is in process of being evaluated under the Evaluation Assurance Level (EAL) 2.  This means that the product set adheres to an agreed upon protection profile from a certifying country, and that the follow-up testing ensures that the processes which Kanguru uses to develop, design, and maintain its products are sound and secure.

Why It Matters

With the seriousness related to data security breaches, government and regulatory organizations have cracked down on financial corporations, medical institutions, and businesses alike, holding them accountable for maintaining, structuring and managing security of all sensitive data.  Regulatory Acts such as Sarbanes-Oxley, Gramm-Leach-Bliley and HIPPA are just a few of the stringent regulations keeping organization’s “feet to the fire” so to speak.  Violating or breaching these Acts comes with some very stiff and sometimes devastating penalties.  Companies dealing with highly-sensitive or personal data must adhere and comply with these regulatory standards.  Kanguru ensures that their products adhere to the highest of standards in order to assist companies and organizations to hold fast to these regulations.

By achieving both FIPS 140-2 and EAL 2+ together, Kanguru surpasses other similar devices in the industry, going above and beyond the call of duty.  The fact that the entire product and set of processes has undergone a rigorous set of security evaluations makes a more compelling case for breadth of coverage than a product which has only had a specific component evaluated!  Customers can be assured that their Kanguru FIPS and EAL 2+ evaluated products meet the toughest and most stringent standards in the industry, providing the strongest option available to uphold even the most rigorous regulatory, and data security laws.

• A Nuclear Safety Report could be exposed due to lack of security on a storage device

• College could have easily avoided exposure of social security information with data security

• Business owners still not taking proper measures to protect data

• Over 1.2 billion records exposed…

These are just a few of the latest harsh realities pulled recently from news headlines.  Scary stuff!  Organizations are finding themselves picking up the pieces after enormous and costly data breach “accidents” expose countless personal information needlessly. Even more sobering is a ruling made just about a year ago by the 9^th US Circuit Court of Appeals in a case regarding Starbucks that companies or customers exposed by these data breaches now don’t even need to show actual harm or imminent threat in order to take a case to trial and file a lawsuit in the event of a data breach. They can now claim severe negligence on the part of organizations that do not secure their information.  (see related article) Security breaches are becoming one of the most costly and profit-zapping “accidents” for any organization yet they are easy to avoid.

Many of these informational breaches could have been avoided with the proactive use of hardware-encrypted devices, and remote management systems in place – a frugal investment that could save a company thousands, perhaps millions of dollars in potential lawsuits, lost data and full-scale breaches. With simple products like Kanguru’s remote management system and the Kanguru Defender Series, USB Flash Drives are automatically encrypted at military strength without the user having to do anything but set up a password.  In addition, for organizations, the devices can be tracked and remotely managed, disabled and deleted in the event that a USB Flash Drive is lost or stolen; evasively protecting sensitive information from getting into the wrong hands. Even better is the fact that each USB drive is password protected and you can set a limited number of log-in attempts, guaranteeing that the device cannot be tampered with or the information exposed. The beauty of Kanguru’s hardware encrypted devices is that they are so simple and easy to use, with write-protection built in. You can use them without having to install software on the PC, and you don’t even need admin rights as some of the leading USB devices require.

Which would you prefer? Cheap, unencrypted flash drives with no protection and the huge risk of a costly a data breach, or peace of mind with a protective, remote management system in place that puts you in complete control of your information from anywhere in the world?  Kanguru has worked hard to make your data security easy.

For more information about Kanguru’s remote management and Defender Hardware-Encrypted devices, please visit www.kanguru.com.

Kanguru Solutions provides top-notch security devices to help you comply with security regulations

There’s an old English idiom that says “you can’t have your cake and eat it too.” The popular figure of speech often implies that you can’t have it both ways, or you can’t have the best of both worlds. But what if you could when it comes to having top-notch security for your important data to keep your information safe, AND having the full flexibility you need?

Kanguru provides this happy medium, with complete, secure control and ease of flexibility to handle all of your sensitive data, all while helping you stay compliant with even the strictest of regulations. “Companies can’t ignore the risks,” says Kanguru CEO Don Brown. “We make it very easy for companies to be vigilant and comply with regulations, and still have the flexibility they need to conduct their business.”

Kanguru’s Remote Management Console™ , along with the Kanguru Defender Elite™, Secure USB Flash Drives are two examples of how Kanguru makes it incredibly simple to monitor, protect and maintain secure information under rigorous new laws.

For example, the Sarbanes-Oxley Act legislated in 2002, requires all U.S. publicly traded companies large and small to comply with federal regulations to monitor and maintain all sensitive data. Under Section 404 of the Act, management of organizations are required to produce an “internal control report” and must affirm “the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting.” Small, medium and large businesses that aren’t forced to do so can easily follow this standard as well.

Kanguru Defender Elite™ Hardware-Encrypted Flash Drives provide the best FIPS 140-2 Certified security while offering complete flexibility to access, control, transfer and store important data across all of your USB-enabled devices. They deliver password protection and encrypt the data with write-protection built in. Unlike other secure products, there’s no software to install or admin rights necessary. If someone steals it or your Defender Flash Drive gets lost, there’s no risk of the data falling into the wrong hands. Who wouldn’t want that peace of mind at an affordable price?

If you want complete management over a fleet of Kanguru Defender USB devices, Kanguru provides even more superior quality control with the Kanguru Remote Management Console™ (KRMC). This software gives you complete flexibility to control one or more Defender USB Flash Drives remotely either via a cloud version or full enterprise server version, according to your own preferences, offering ultimate security and flexibility. Remotely delete lost or stolen devices, set password policies, and have complete log and auditing capabilities to meet the strictest of standards and show full compliance.

Kanguru Defender Elite™
Kanguru’s Remote Management Console™

For more information, please visit our website www.kanguru.com or contact Kanguru Solutions at 1-888-KANGURU.

Like storage rentals that provide a temporary solution to lock away furniture and other personal possessions, there’s a limit to just how long you might want to pay for such a service.   Similarly, why would you want to store files in a cloud-based digital “locker” system if you have to pay prolonged service fees in order to do so?

According to a recent poll conducted across a wide age-group of consumers in the United States, about 90 percent of those polled were open to the idea of storing their files online in a cloud service, but nearly 70 percent of them said they would be less inclined to pay for the service.

Recent concerns have also been raised over just how safe and convenient cloud storage really is after the latest demise of Megaupload, where millions of legal users were completely locked out with no access to their files.  (Visit last week’s post for more about this)

Universities and other organizations are becoming more hesitant about students and faculty using cloud-based services such as Dropbox.com and Google Apps due to rapidly-changing Terms of Service, and the inherent insecurities of protecting sensitive data, resulting in this recent announcement by the University of Delaware highlighting their concerns.

But there’s great news!  Kanguru’s storage products offer the most convenient, secure and flexible solutions for storing large amounts of data. Get the easy access, security and control you want and expect, at an affordable one-time price. Safely warehouse, back-up, protect, transfer and conveniently-manage all of your files, and secure 100 percent control over them.

With Kanguru’s newest line of Solid State Drives, you not only get lightning fast read and write speeds, but improved robustness and less energy consumption with no mechanical moving parts to generate heat or wear down.

Kanguru’s Defender Series of Flash Drives also gives you complete control over the transfer of files. Worried about security for sensitive data if one were ever lost or stolen? Worry no more with password-protected, and remote management tools that make it incredibly simple to protect and secure your data.

Kanguru SSD

Kanguru Defender Hardware-Encrypted USB Flash Drives

Today’s article in GCN highlights this concern:

A Justice Department spokesman told DigitalTrends that, in this case, users didn’t have a right to expect their files back, because Megaupload had warned them on its terms-of-service and website FAQ to make copies of their files and that the users assumed responsibility for any loss of data.

Kanguru offers great, large-capacity storage solutions with built-in security options; perfect for keeping your files safe and portable on-the-go, and giving you 100% control over your files.  Take a look:

• Kanguru Defender Elite™
• Kanguru SSD™
• RocIT Defender™

The Kanguru SSD 100 is available in 64GB, 128GB and 256GB capacities.  Buy online or from your preferred IT solution provider.

Kanguru SSD 100

Here a short excerpt:

Twas the night before Christmas, when all through the house
Not a creature was stirring, not even a mouse.
The data was all safe, protected with care,
In hopes that year-end bonuses soon would be there.

The servers were nestled all safe in their racks
Protected from malware and vile forms of hacks.
The data all encrypted, with a nice complex key,
The software came, of course, with a great big huge fee.

The full post is a fun read for IT and Infosec Professionals, check it out here.

Have a safe and happy holiday!

For many years solid state drives have been reserved for technology enthusiasts, hardcore gamers and those with deep pockets. The performance advantage of SSDs over traditional, spinning-platter hard disk drives, or HDDs, has never been a point of contention. SSD’s transfer rates typically double or triple the speed of their mechanical counterparts. However, the high retail price for even low-capacity SSDs prevented the average computer user from experiencing the benefits of an SSD.

As the cost per gigabyte for SSDs has come down in recent years we are finally seeing SSD prices straddling the line of affordability and consumers and manufacturers have taken notice, and you should too. In addition to becoming affordable, added features and improved technology have SSDs making a strong case to replace the aging HDD in your computer or laptop.

Reliability

It is a common fallacy that SSDs are less reliable than HDDs. This is actually pretty far from the truth. In 2010, the percentage of component returns to retailers was very close between the top 5 SSD manufacturers and top 5 HDD manufacturers, about 2-3%[1].  So we know that SSDs aren’t being returned at a higher rate than HDDs.

This misconception may be the result of SSDs growing pains through its early years. Early SSD adopters were plagued by issues like poor firmware, degrading flash memory and other issues typical to new technology. This resulted in an initial negative response from the tech community which may be continuing to haunt SSDs, even though the reliability of SSDs has become better than HDDs on several levels.

Fundamentally solid state disks are more reliable because SSDs do not contain any moving parts. There are no read heads, actuator arms or spinning platters that can break down in an SSD. SSDs can be moved around freely while in use and have a higher tolerance against shock and vibration than HDDs. In a mechanical HDD platters spin at thousands of rotations per minute, and any shock or vibration can cause data to become corrupted or a mechanical component to malfunction.

When a mechanical hard drive with spinning platters crashes it often results in physical damage to the platters which store data. Physical damage to these platters could cause data to be lost permanently. SSDs do not suffer from this vulnerability. Typically if a SSD crashes, it usually occurs with an electronic component like a transistor or capacitor which may cause the drive to be inoperable, but the memory should remain completely intact and recoverable.

New Technologies

As with any new technology, SSDs experienced their fair share of growing pains as they matured. And like with so many problems that occur with new technology, these problems were fixed using technological innovations.

-          Native Command Queuing (NCQ): Originally designed to increase SATA HDD performance by optimizing the order in which read/write commands are executed, NCQ reduces latency on mechanical drives by grouping commands that would be read/written to the same area on the disk. However with solid state drives, since there are no moving parts, there is extremely low latency and the opposite occurs. NCQ ensures that a SSD has commands to process while the host system is processing CPU tasks.

-          TRIM: NAND flash memory cells are grouped into 4kB pages, which are then further grouped into 512kB blocks. Cells can only be written to if they are empty, and though write operations can occur on the page level, erase commands affect entire blocks. So in order to overwrite a page, the contents of the entire block have to be moved to cache before the block can be erased, and then rewritten. This causes a dramatic decrease in write performance when pages need to be overwritten. The TRIM command allows the SSD to handle garbage collection overhead in advance.

Power Consumption

Without any moving parts, SSDs provide an enormous advantage over HDDs in power efficiency. This is especially beneficial for road warriors who are looking for ways to squeeze more life out of their laptop battery. Although an SSD actually increases system power consumption, since the CPU and memory utilization rises in response to increased I/O activity, an SSD based system will always finish operations faster and ultimately will allow you to go longer without having to plug in.

Price

At the end of the day, price is what your typical consumer looks at when looking to update their computer. However you cannot base the total cost of an SSD on price per GB alone. For businesses, upgrading to SSDs in your workstations means faster system boot up times which allows your employees to spend less time waiting for their systems to start and more time working. Then there is time saved waiting for applications to load, reduced deployment time and less downtime for IT support. When you factor in all these variables, you can see how an SSD is an investment that pays off over time.

The future of data storage is solid. Although the technology has needed time to work out the kinks, we are now witnessing an evolution in the way we process data. The time of mechanical, spinning hard drives is drawing to an end, and I for one welcome the change. Wide spread adoption of solid state drives will bring computing advancements to the next level and you would be well advised not to get left behind.