Home Data Security Guidance Download Contact About
General Questions about Data Security
© [ArmorSolutions] Ing.-Büro Hermann Ullenboom 2015
By reading the following questions you can evaluate the need of protecting the data for your company.
Which companies are threatened the most?   Medium-sized enterprises are often the targets of business and industry espionage. The risk awareness is normally not very distinct or the costs do not fit the budget. The reason to ignore data security may also be ignorance or lack of knowledge. Therefore we fulfill your need of security with an easy and secure solution at a reasonable price so you can effectively secure your company’s data. You can do this step by step while securing your most important business data first. What are the highest security risks in companies?   The highest security risk next to external attacks from hackers or industrial espionage are the own employees. They may accidentally access data which should not be accessible for them . Important are business, finance and personal data as well as development and research data. With our security solution you can protect these documents effectively from unauthorized access, even if these get into the hands of an employee. Even the systems administration can not access protected data without explicit permission from the executive office. Why is this statement incorrect: I am secure with my permission- and keymanagement?   Every access and permission system as well as key management is administrated by an IT department (internal or external). This IT department must have access to every data including the keys because it is their job. Therefore an internal attack (see article 2.) on classified data is possible and normally undetected. Our security solution with ArmorToken™ provides an effective protection against such attacks. The IT department surely contains their complete permission and can still provide protection for external attacks on data which is not that well secured. What kind of data should be encrypted?   You should only protect the data, which is really important. These data should be identified in the first step and placed encrypted at specific locations. The storage location itself is not important after the encryption. How can ArmorToken™ be outstandingly secure and still easy to use?   ArmorToken™ is a USB-Token with an integrated Smart Card, the most secure element where our keys (by elliptic curve cryptography ECC) are stored. The keys are generated only in the Smart Card and never leave it. Not even the manufacturer “ArmorSolutions” has any possibility to access the keys. The actual keys (AES) are derived from the keys (ECC) in the Smart Card. These keys decrypt the files while each file is encrypted with another key. By creating user groups you block not permitted users from access to your data. In the hierarchical order the highest group is the management. Every other group is lower ranked. To encrypt or decrypt your data you only have to connect your ArmorToken™ to the PC and enter your individual PIN code.
Data Security