Description of solution  Home»Products»AreaGuard»Description of solution

These days the most of users knows terms like Antivirus, Firewall or VPN, their producers are often tell-all in many professional periodicals. These products protect computers from internet or network attacks. Success stories about hacking well known companies network from the internet are not rare. In any case they don’t solve if authorized person works with computer or if data are scrambled for unauthorized person (attacker). But withal forgotten and consequently stolen notebook from car which parks in front of restaurant or un-loyal employee who provides access to data is surely cheaper and technically less demanding attack to sensitive personal or business data than attack from the internet or network.

Secure computer login

AreaGuard Gina module requires inserting of smart card or USB token with login information before you start your work, without it you cannot work with your computer. After insertion of smart card or USB token user is asked to insert his PIN which verifies whether the user is really owner of this smart card or USB token. PIN can be simple, because of smart card or token gets blocked after three wrong tries. When the smart card or USB token is removed, the computer gets locked and you can continue with your work again after insertion of smart card or token and correct PIN. System cooperates with all smart cards and USB tokens which support PKCS#11.

Protection of personal and business data

The only way of protecting information stored inside computer is encryption which transforms readable data into unreadable form. Encryption is done with standard encryption algorithms with user’s created encryption key. The AreaGuard Notes module allows on-line encryption of all files, which are stored in user’s working directory (for example Documents). In case when user is securely logged in by smart card or USB token, then his encryption keys are available and files in his working directory are transparently encrypted and decrypted. There is no way to get files from this directory in readable form without inserted smart card or USB token. In case of backup of user’s working directory, backup contains encrypted files.

On-line files encryption

Files stored on memory media (hard disk, network disk, removable disk, CD, CD-RW, diskette etc.) may contains confidential (internal) information of user and organization. Therefore there are strong reasons to secure these files against possible misuse by unauthorized person who can obtain these files by for example steeling according memory medium.
The only way how to protect from this fact is usage of cryptographic (encryption) resources. User most friendly and so high efficient way is using on-line encryption of files in specified folders (for example: Documents of given user).
On-line encryption means , that with every creation of file or write to file inside encrypted directory all data are automatically encrypted by set encryption algorithm and key. Otherwise when reading data from encrypted file, they are automatically decrypted in workstation memory. On the disk they are still in encrypted form. Encrypted file could be stored on local disc, removable or network disc.
If the encrypted directory is shared to more users, every user must have encrypted key by which are files in this directory encrypted. Files are decrypted in workstation's memory so transfer of encrypted files over network is secure.
In context of AreaGuard Notes there is possibility to make secure data "Shredding". Conventional deleting of files is not ideal, deleted file from disk is easy to recover back. Shredding by AreaGuard perfectly deletes files from your computer and so it prevents to possibly misuse sensitive data.

Easy recovery after computer’s crash

After the operating system crashes the recovery of encrypted files is very simple, due to the fact that all encryption keys are stored in a smart card or USB token and are not connected anyhow to operating system. Content of smart card or USB token can be easily backed up into the file and then stored in safe place in case of damaging or loosing.  

Centralized management

For idea reasons of complex processes accompanied implementation of security system on workstations many responsible organization’s employees postpone assertion of implementation  Desktop Security System. Withal it is sufficient to centralize management of users, their smart cards or USB tokens, encryption keys, encrypted directories settings and system policies to one place in the network which is accessible from all of workstation. With help of AreaGuard AdminKit is possible to accomplish this condition in easy, fast, effective and affordable way…

Surveys show that more than 90% of organizations have no security policy created that would solves possibility of organization’s data steeling by own employees. Organizations which have this problem in their security policies solve it legislative by employee’s signed statements that they do not organize even help with any attack to organization’s data. Legislative steps aren’t sufficient enough, because of motivation of an employee to organize attack can be much higher than penalization results from signed statement.