Kanguru’s Defender line of hardware encrypted devices have the ability to be remotely managed through either a customer hosted server (referred to as Kanguru’s Enterprise offering), or through a hosted SaaS solution (referred to as Kanguru’s Cloud offering). The security implementations are virtually identical with the major differences being on the hosting and provisioning sides.
The Defender drives are provisioned with a device certificate which is generated by the KRMC (Enterprise or Cloud) Certificate Authority. This device certificate establishes a chain of trust between the remote device and the Kanguru server and allows a key exchange to take place which configures an SSL/TLS encrypted communication channel. All device to server (bilateral) information is carried over this encrypted channel. Kanguru’s implementation of communication between devices and server has been reviewed as part of our Common Criteria security project.