Secure Storage Features
Layered security protect data at rest and throughout its lifecyle
Data Lifecycle Protection
More sensitive data, more devices operating at the edge, more sophisticated threat actors require security capabilities that ensure data integrity throughout its lifecycle. Cigent provides unparalleled capabilities to secure data at rest and when a device is in use and ensure proper sanitization at end of life.
Value | Description | |
---|---|---|
Alpha Features | ||
AES 256 Full DriveEncryption | Protection of data at rest. | Full-drive AES 256-bit hardware full -drive encryption validated byNSA, CISA, and other experts. |
Pre-boot Authentication(PBA) | PBA prevents adversary from circumventing fulldrive encryption by attacking boot process. | PBA provides a separate, secure authentication prior to initiatingboot. Cigent PBA has been approved by NSA meeting CSfC fordata at rest protection. Available on 2280 and 2230 Secure Storage. |
Multifactor Authentication(MFA) | MFA increases data at rest protection requiringmultiple authentication factors to access data. | MA capability requiring use of both U/N Password and smart card(CAC) or security key. |
Inaccessible Keys | Prevent advanced threat actors from utilizingadvanced data recovery techniques to locate keyson the drive. | Keys are created using maximum characters allowed,deconstructed, and never stored in their entirety on the drive.Available on Cigent External Storage. |
Hidden Partitions | Secure enclaves hidden from adversaries evenwhen devices is in use. Adversaries unaware ofeven existence of partitions. | Ability to create separate locked partitions where data is locked andunreadable at the sector level even when device is in use. Useraccesses with step-up authentication. 2290, 2230, and U.2 storage devices create up to eight partitionsSD, MicroSD, and Embedded BGA create up to three partitions. |
Cloning and wipingprevention | Regardless of device state, data is unreadablepreventing cloning or wiping attacks. | Pre-boot HW FDE and post-boot utilizing hidden partition that lockall ranges rendering data unreadable. |
Crypto and Full Block Erase | Remote or locally execute data erasure foremergency data destruction or storage retirementor repurpose. | Crypto erasure eradicates encryption keys in milliseconds. Blockerasure uses voltage increases to permanently erase data. |
Bravo Features | ||
Automated Protection | Prevents sophisticated adversary who has established Windows admin privileges from interrupting Cigent protections via services. | When utilizing partitions, continual confirmation (every 30 seconds) between software and firmware that protections are in place. If disruption is detected, immediately locks all partitions. |
Secure data logs | In the event of a data breach, Cigent provides secured data logs chronicling all data transactions. Logs can be reviewed for malicious behavior or post-breach forensics. | Captures every data transaction in secured, tamper-proof logs. Only solution that tracks data theft when insiders boot off a USB stick |
Verified Data erasure | Require complete confidence that data has been permanently erased for emergency data destruction or storage retirement or repurpose. Emergence of quantum computing makes proper data erasure critical. | All offerings include crypto wipes and full block level wipe. Patented capability to verify at the block level that every block has permanently erased. Able to issue and verify erasure remotely or on device. |
Charlie Features | ||
Al Secured Storage | Al embedded in storage continually monitors data access patterns instantly securing data when anomalous behavior is detected.. | Al trained to detect anomalous data access patterns embedded with storage firmware preventing tampering. Can detect sophisticated attacks such as alternate O/S boot. |
Delta Features | ||
Advanced Physical Protection | Multiple dedicated physical features that protect against sophisticated threat actors providing tamper detection, alerts, and advanced protective measures. | Extended life capacitors maintain power for up to two weeks. Accelerometer senses and securely documents if device has been moved. Disconnect detection circuit: dedicated microprocessors detects if device has been removed. The next time reconnected immediately execute crypto and block erase. |
ebook
Discover Secure Storage Solutions
Cigent is prepared to support your mission navigating the complex compliance requirements to protect data at the edge. Its solutions were developed for and with US Federal agencies with deep expertise in data protection. Read our extensive eBook to learn more.
Cigent’s Federal Data Protection Solutions are second to none
Learn more about how Cigent can help you achieve your mission and protect data at rest and data on the edge from all forms of attack.