IronKey Extends Trusted Virtual Computing Platform to Protect Corporate Banking Customers
LOS ALTOS, Calif., Feb. 23 /PRNewswire/ -- To help address the serious dangers posed by ever more sophisticated malicious software ("malware") that is infecting the computers of users of corporate online banking services, IronKey, the leader in secure and managed portable computing solutions, today announced its Trusted Access for Banking solution. This new product is an application and services suite that leverages the capabilities of IronKey's Trusted Computing Environment platform to allow banks to provide identity protection, strong authentication and fraud protection at the endpoint for corporate banking customers.
The computer security industry is discovering increased numbers of malicious software variants that are designed to steal identity credentials and perform fraudulent transactions from the computers of infected banking users. A recent Symantec report states there are 70,330 unique variants of the Zeus banking Trojan malware, with the true absolute figure to be much higher, making it hard to detect, and one of the top risks to users of online corporate banking services.
"Organized cyber crime rings have begun to shift away from massive phishing attacks against individual commercial banking customers, and instead are targeting bigger players including corporate banks," said David Jevans, CEO of IronKey. "We are committed to helping our corporate banking customers protect their customers against these threats. The IronKey solution isolates access to the online corporate banking system from the host PC, creating a trusted virtual computing environment and protecting commercial banking customers from current and next-generation malware and fraud schemes."
IronKey Trusted Access for Banking is a purpose-built application of the IronKey multifunction security device. Corporate banking customers simply plug it into a computer, and enter their device password. Once the IronKey device is successfully unlocked, its virtualized operating system automatically runs, and a secure Web browser launches and goes directly to the bank's website. It incorporates a locked down Web browser that is protected against malware from the host PC, and may also be configured to allow users to visit only specific websites.
Zeus/Zbot is different than other Trojans because it gives hackers the ability to alter a Web input rendered by the victim's browser to display its own content, mimicking a bank's Web page form as a legitimate bank website. When the unsuspecting user completes the additional fields on the form, these private credentials are sent directly to the criminal. It can even be customized to steal information from banks in a specific geographic region.
IronKey prevents these types of man-in-the-browser attacks, and enables a trusted virtualized environment protected from malware-infected host computers. The IronKey system conducts an anti-malware scan of the host computer before enabling the secure environment, and even provides the option to boot a host operating system from the IronKey device to protect against threats on infected host computers. The IronKey solution is available with an integrated RSA SecurID® software token that generates one-time passwords, and as a result, provides a single device that serves as both a secure banking platform and a mechanism for two-factor authentication. IronKey Trusted Access for Banking has a SaaS or software centralized management capabilities for policy control and reporting.
"Corporate resources are at very high risk as fraudsters combine increasingly sophisticated malware and manipulative attack vectors with an evolving ability to monetize stolen information," said Tom Corn, vice president of product marketing at RSA, The Security Division of EMC. "It has come to the point where we advise organizations that are taking additional measures to prevent online threats to first assume that all of their computers are compromised. By teaming up with IronKey, we can provide these organizations with increased layers of protection that not only reduce complexity but also increase confidence that identities, information and infrastructure are better protected."
The IronKey Trusted Access for Banking solution is available in March and can be seen in action at the RSA show March, 1-5 in San Francisco, CA, in the IronKey booth #2333.
Social Media Destinations and Resources:
- IronKey CEO Blog: http://blog.ironkey.com/
- IronKey Forum: https://forum.ironkey.com/
- IronKey Security Policy: http://cs-www.ncsl.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1149.pdf
- Symantec Zeus the King of Crimeware Toolkits: http://www.symantec.com/connect/blogs/zeus-king-underground-crimeware-toolkits
About IronKey:
IronKey is the global leader in providing secure and managed portable storage, authentication, and trusted virtual computing solutions for mobile workers. IronKey multifunction portable security devices, management software and associated services are designed to meet the security, performance, and privacy standards of the most demanding enterprise and government customers. IronKey solutions range from IronKey Basic, the world's most secure USB flash drive, to the IronKey Enterprise Virtual Desktop solution for carrying a secure operating system and virtual desktop environment on a pocket-sized device. IronKey works with industry leaders in virtualization, storage and security, including Lockheed Martin, McAfee, MokaFive, RSA, RingCube and VeriSign to extend the applications of its secure mobile computing platform. IronKey products are FIPS 140-2, Level 3 validated. Thousands of customers use IronKey, including Fortune 500 companies, enterprise organizations in financial services, healthcare and legal markets, as well as government agencies, including FEMA, NATO and DHS. For more information, please visit www.IronKey.com.
RSA and SecurID are either registered trademarks or trademarks of RSA Security, Inc. in the U.S. and/or other countries. EMC is a registered trademark of EMC Corporation. All other trade names and trademarks are the property of their respective holders.
SOURCE IronKey
.
