Q: Are Kanguru Defender Elite flash drives difficult to use?
A: No, the Kanguru Defender Elite uses a simple login box that prompts the user for a password. This login prompt appears automatically when the drive is plugged in. After entering the password, the drive functions just like an ordinary flash drive except that all data is being automatically encrypted when transferred. No drivers or additional software are required to use the Defender Elite.
Q: How is my data secured?
A: All data stored on the Kanguru Defender Elite is encrypted using 256-bit AES Hardware Encryption. All encryption functions are carried out on a dedicated processor built into the chip. Kanguru’s encryption application has been tested by an independent third-party security lab and submitted to the US and Canadian Governments for FIPS 140-2 Certification. The Defender Elite is filled with tamperproof epoxy so that hackers cannot access the encryption processor.
Q: How does Kanguru Defender Elite prevent brute-force password attacks?
A: After six invalid login attempts, security features will be activated to prevent an unauthorized user from repeatedly guessing passwords in a brute-force attack. By default the drive will reformat itself after six attempts and securely wipe all data from the drive. The drive can be reused but data will be unrecoverable. The Kanguru Local Administrator Tool can be used to customize the number of attempts allowed and select between secure wipe, drive disable, or a simple time-out period.
Q: Can I customize the security settings on the Defender Elite?
A: Yes, the Kanguru Local Administrator Tool (KLA) allows an authorized administrator to configure their organization’s flash drives. The administrator can customize the password requirements, number of invalid login attempts, and other security settings. KLA can also configure Defender Elite flash drives with a master password that allows an administrator to unlock drives if an employee leaves the company or forgets their user password.
Q: How do I manage my devices in a small business environment?
A: The Kanguru Remote Management Console (KRMC) Cloud Edition is perfect for managing a small fleet of USB flash drives. The administrator simply logs into a web console to track and manage all drives in the organization. Features include remote deletion of lost drives, ability to update security settings on the fly, and an audit log of drive usage. The entire server infrastructure is provided by Kanguru on a yearly subscription basis, so there is no upfront server cost or ongoing maintenance.
Q: How do I manage my devices in a large enterprise?
A: The Kanguru Remote Management Console (KRMC) Enterprise Edition is designed to meet the security requirements of a large business or public sector enterprise. USB flash drives are managed by a hierarchy of administrators with increasing permission levels and full auditing. The platform also integrates with Active Directory for easy provisioning. With KRMC, the enterprise IT staff is in control of the flash drive fleet. Manage password and security settings, track and locate drives, delete or disable missing devices, and log all actions with an easy-to-use web console. All communication is encrypted with secure SSL or TLS protocols.
Q: How does KRMC affect my overall costs?
A: Although there is an initial investment to implement KRMC, long run savings are achieved through lower helpdesk costs and improved asset tracking. Password resets, which account for a large number of helpdesk tickets, can be handled remotely in a matter of seconds. Defender Elite flash drives are provisioned to individual users, who can be held accountable for company property. And last but not least, KRMC greatly reduces the organization’s risk of a very expensive data breach.
Q: How does KRMC help me comply with data breach notification laws?
A: Whether your organization is covered by HIPAA or one of the many State-level data breach notification laws, KRMC keeps detailed audit logs that are essential to proving compliance. These records can demonstrate that all flash drives have strong password policies in place, are only accessing authorized workstations, and are up to date on all security patches. If a drive is lost or stolen, you can show that the drive was remotely deleted at an exact time, date and IP Address.
Q: How do Defender Elite and KRMC defend against the insider threat?
A: Many of today’s data breaches are caused either accidentally or intentionally by company insiders. The Defender Elite removes risk of data exposure by forcing all data stored on the drive to be encrypted. There is no way for an employee to inadvertently or intentionally circumvent the encryption process. KRMC further restricts data leakage by limiting drive usage to authorized Domains or IP Addresses, and when an employee leaves the organization their drive can be disabled to prevent them from leaving with sensitive data. Additionally, the new Device Control add-on module prevents users from bringing an unauthorized USB storage device into the corporate network and downloading data. Nothing leaves the network unless it is on a secure Defender Elite drive that is under full control of the IT Security team.