IronKey Basic S200, Basic S100, Basic D200 User Manual
IRONKEY Basic
User Guide
Models
S200, S100
D200
PAGE 1IRONKEY BASIC USER GUIDE
Thank you for your interest in IronKey.
IronKey is committed to creating and developing
the best security technologies and making
them simple-to-use, affordable, and available
to everyone. Years of research and millions of
dollars of development have gone into bringing
this technology to you in the IronKey.
For a quick product overview, you can also view
our online demos at https://www.ironkey.com/demo.
We are very open to user feedback and would
greatly appreciate hearing about your comments,
suggestions, and experiences with the IronKey.
Standard Feedback:
feedback@ironkey.com
Anonymous Feedback:
https://www.ironkey.com/feedback
User Forum:
https://forum.ironkey.com
PAGE 1IRONKEY BASIC USER GUIDE
CONTENTS
What is it? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Meet the IronKey . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Core Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Device Diagrams . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Technical and Security Notes
IronKey Device Security
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
How does it work? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Product Walkthrough . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Initializing Your IronKey on Windows
Using the IronKey Unlocker on Windows
Initializing Your IronKey on a Mac. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Using the IronKey Unlocker on a Mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Initializing Your IronKey on Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Using the IronKey Unlocker on Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Activating IronKey Enterprise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Using the Secure Backup Software (Windows Only) . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Using the IronKey Virtual Keyboard (Windows Only) . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Using Your IronKey in Read-Only Mode (Windows, Mac, Linux) . . . . . . . . . . . . . . . . . . 18
Product Specications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
What’s next? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Where can I go for more info?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Who is the IronKey Team? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Contact Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
PAGE 2IRONKEY BASIC USER GUIDE
What is it?
Meet the IronKey
IronKey Basic is designed to be the world’s most secure USB ash drive.
Now you can safely carry your les and data with you wherever you go.
And even if your IronKey is lost or stolen, your data remains protected
and can even be restored to a new IronKey from an encrypted backup.
While it uses some of today’s most advanced security technologies, it is
simple to use and you only need to remember one password to unlock it.
PAGE 3IRONKEY BASIC USER GUIDE
Core Features
Hardware-Encrypted Flash Drive
Your IronKey can safely store gigabytes of documents, applications, les
and other data. The IronKey Cryptochip inside the IronKey protects your
data to the same level as highly classied government information. This
encryption technology is always on and cannot be disabled.
Self-Destruct Sequence
If the IronKey Cryptochip detects physical tampering by a thief or a
hacker, it initiates a self-destruct sequence. Also, to protect against brute
force password attacks, after 10 consecutive incorrect password attempts,
it securely erases all onboard data using patent-pending ash-trash
technology—so remember your password.
Anti-Malware Autorun Protection
Your IronKey helps protect you from many of the latest malware threats
targeting USB ash drives. It detects and prevents autorun execution of
unapproved programs, and it can be unlocked in Read-Only Mode.
Portable Cross-Platform Data Access
The IronKey Unlocker allows you to access your encrypted les on
Windows 2000, XP, Vista, Mac OS X and numerous distributions of Linux.
Simple Device Management
Your IronKey includes the IronKey Control Panel, a central management
area for accessing your les, editing your preferences, changing your
device password and safely locking your IronKey.
Secure Local Backup and Data Recovery
Securely back up the data on your IronKey using IronKey’s Secure Backup
software. It allows you to recover you data to a new IronKey in case
your IronKey is ever lost or stolen, or to synchronize data between
multiple IronKeys.
Waterproof and Tamper-Resistant
The IronKey was designed to survive the extremes. The IronKey’s rugged
encasing is injected with an epoxy compound that makes it not only
tamper-resistant, but waterproof to military specications (MIL-STD-810F).
Section 508 compliance
The IronKey Control Panel is Section 508 compliant. Users with
disabilities have keyboard navigation and screen reader support.
PAGE 4IRONKEY BASIC USER GUIDE
Rugged case
lled solid with epoxy
Multi-color LED
Drilled holes for
keyring/lanyard
Area to engrave
your name/code
Laser-engraved
unique serial number
(plus barcode on newer
devices)
Device Diagrams
The IronKey has been designed from the ground up with security in mind.
A combination of advanced security technologies are used to ensure
that only you can access your data. Additionally, the IronKey has been
designed to be physically secure, to prevent hardware-level attacks and
tampering, as well as to make the device rugged and long-lasting. You can
rest assured that your data is secured when you carry an IronKey.
Cap
USB 2.0
Connector
This IronKey Cryptochip is hardened against physical attacks such as
power attacks and bus snifng. It is physically impossible to tamper with
its protected data or reset the password counter. If the Cryptochip
detects a physical attack from a hacker, it destroys the encryption keys,
making the stored encrypted les inaccessible.
PAGE 5IRONKEY BASIC USER GUIDE
Technical and Security Notes
We are endeavoring to be very open about the security architecture and
technology that we use in designing and building the IronKey. There is
no hocus-pocus or handwaving here. We use established cryptographic
algorithms, we develop threat models, and we perform security analyses
(internal and third party) of our systems all the way through design,
development and deployment.
IRONKEY DEVICE SECURITY
Data Encryption Keys
» AES key generated by onboard Random Number Generator
» AES key generated by customer at initialization time and encrypted
» AES key never leaves the hardware and is not stored in NAND ash
Self-Destruct Data Protection
» Secure volume does not mount until password is veried in hardware
» Password try-counter implemented in tamper-resistant hardware
» Once password try-count is exceeded, all data is erased by hardware
Additional Security Features
» USB command channel encryption to protect device communications
Physically Secure
» Solid, rugged case
» Encryption keys stored in the tamper-resistant IronKey Cryptochip
» All chips are protected by epoxy-based potting compound
» Exceeds military waterproof standards (MIL-STD-810F)
Device Password Protection
The device password is hashed using salted SHA-256 before being
transmitted to the IronKey Secure Flash Drive over a secure and unique
USB channel. It is stored in an extremely inaccessible location in the
protected hardware. The hashed password is validated in hardware (there
is no “getPassword” function that can retrieve the hashed password), and
only after the password is validated is the AES encryption key unlocked.
The password try-counter is also implemented in hardware to prevent
memory rewind attacks. Typing your password incorrectly too many times
initiates a patent-pending “ash-trash” self-destruct sequence, which is run
in hardware rather than using software, ensuring the ultimate protection
for your data.
PAGE 6IRONKEY BASIC USER GUIDE
Loading...