iStorage cloudAshur User Manual

The key to your data™

ENCRYPT

to ensure the ultimate protection of your data
stored in the cloud or on your local network
drive, PC/MAC or any data storage device

SHARE

your encrypted data with authorised users
in the cloud as well as on your local network

drive, via email and le transfer services, in

real-time

MANAGE

and monitor your cloudAshur devices
centrally

To achieve data privacy, encryption of data is important, protection of the encryption key is vital.
To be a truly secure solution, it is imperative that the encryption key is stored away from the data.

That is why we developed the cloudAshur Hardware Security Module (patent pending), a PIN
authenticated hardware encrypted security module, that encrypts all data in transit and data at

rest with a FIPS certied randomly generated AES 256-bit encrypted encryption key which is

stored within a dedicated iStorage secure microprocessor (CC 4+ Ready).

Overview

cloudAshur is the perfect solution for anyone wanting to securely store, share, manage and monitor data in the cloud. cloudAshur
eliminates the security vulnerabilities that exist with cloud platforms, such as lack of control and unauthorised access. Hackers
are devising many sophisticated methods to target innocent and vulnerable users. Human error is also prevalent amongst data
leakage incidents.

The consequences of a cloud account being hacked can bring about theft and leakage of condential data, leading to potential job
losses, adverse publicity, hefty nes and the downfall of a business.

iStorage software suite

cloudAshur Client app (Windows & macOS)

cloudAshur is compatible with both PCs and MACs and works with numerous cloud providers including
Amazon Drive, Google Drive, OneDrive, Dropbox, iCloud and many more.

cloudAshur KeyWriter app (Windows)

The iStorage Patented KeyWriter software makes sharing of encrypted data in the cloud as well as on your

local network drive, via email and le transfer services (e.g. WeTransfer) between authorised users a breeze

with ultimate security and peace of mind, allowing users to securely share data with one another, in real-time,
regardless of their location.

cloudAshur Remote Management app (Windows)

iStorage cloudAshur Remote Management console gives you full control of all cloudAshur hardware security
modules deployed within your organisation offering a wide range of features to manage and monitor all users.

www.istorage-uk.com | info@istorage-uk.com | +44 (0) 20 8991 6260

All trademarks and brand names are the property of their respective owners.

CLOUDASHUR ENCRYPTION MODULE KEY FEATURES

PIN authenticated, hardware encrypted,
cloud encryption module (patents pending)

Ultra-secure 7-15-digit PIN to authenticate the

cloudAshur module

On-device Crypto-chip

Offering 100% real-time military grade AES-XTS or
AES-ECB 256-bit Hardware Encryption with FIPS
PUB 197 certied USB 3.0 encryption controller.

Brute force hack defence mechanism

If the User PIN is entered incorrectly 10 consecutive times,
the User PIN will be deleted and the drive can only be
accessed by entering the Admin PIN in order to reset the
User PIN. (Admin can change this from the default 10

incorrect PIN entries, to 1-9, for the User only)

If the Admin PIN is entered incorrectly 10 consecutive
times, all PINs and the encrypted encryption key will be
lost forever.

Five factor authentication

Something you have:

1. The cloudAshur hardware security module.

Something you know:

2. 7-15 digit Admin/User congurable PIN

3. Username and password for the iStorage
cloudAshur Windows or macOS client app

4. Where the data is stored, which cloud provider

5. Username and password for the cloud account

Compatible with Windows and macOS

cloudAshur client applications are Windows (7/8/10)

and macOS (Sierra/High Sierra/Mojave) compatible.

(Windows Client App) (macOS Client App)

Two encryption modes

The cloudAshur can be congured in two encryption
modes AES-ECB 256-bit (FIPS Compliant) and
AES-XTS 256-bit.

FIPS 140-2 Level 3 compliant tamper proof &
evident design

All critical components within the cloudAshur enclosure
are covered by a layer of super tough epoxy resin, which is
virtually impossible to remove without causing permanent
damage to the critical components.

If breached, the cloudAshur modules tamper evident design
will provide visible evidence that tampering has occurred.

www.istorage-uk.com | info@istorage-uk.com | +44 (0) 20 8991 6260

All trademarks and brand names are the property of their respective owners.

Uniquely incorporates Common Criteria
EAL4+ ready secure microprocessor

Which offers ultimate security against hackers, detecting
and responding to tampering with features such as:

• Dedicated hardware for protection against SPA/DPA/

SEMA, DEMA attacks

• Advanced protection against physical attacks,

including Active Shield, Enhance Protection Object,
CStack checker, Slope Detector and Parity Errors

• Environmental Protection Systems protecting against

voltage monitor, frequency monitor, temperature
monitor and light protection

• Secure Memory Management/Access Protection