CloudAshur Encryption Module

(1 customer review)

A PIN authenticated hardware encrypted security module that encrypts all your data before storing it in 3rd party cloud. The module also allows you to encrypt and store data on local storage drive, or transfer encrypted data, or email encrypted data as attachment.

Clear

Express Delivery, Free for orders over $299.

3 Year Warranty.

Secure Checkout.

CloudAshur

securely store, share and manage data in the cloud. Encrypt data stored on a network drive or computer and send encrypted emails

cloudAshur

Introducing the future of cloud security

The cloudAshur eliminates all the security vulnerabilities that exist with cloud platforms, such as lack of control, unauthorised access and human error.

Incorporating similar technology as used in other iStorage products, which are certified to the highest government accreditation schemes, such as FIPS 140-2 Level 3, NCSC CPA, NLNCSA BSPA & Dep V and NATO Restricted level, iStorage has developed a unique solution that stores and protects the encrypted encryption key in the most secure way possible.

Using cloud applications for your personal or business needs has many benefits such as providing benefits in scale, functionality, agility and cost savings. However, many organisations are reluctant to migrate to the cloud due to lack of control, data privacy and security concerns. Hackers are devising an array of sophisticated methods to target vulnerable users in order to gain access to confidential data stored in the cloud, which can lead to hefty fines, job losses as well as severe brand damage.

FIPS Compliant

ENCRYPT:

FIPS Certified Encryption

encrypted usb storage

SHARE:

real-time, ultra-secure collaboration

IP68

MANAGE:

full visibility and control of devices

cloudAshur

UNRIVALLED CLOUD DATA SECURITY

Both data at rest and data in transit is encrypted using the cloudAshur module. In order to decrypt data stored in the cloud, on a network drive, on a local PC/MAC, or to decrypt encrypted email attachments or data transferred via file sharing software applications, the user will need to go through an unprecedented 5-factor authentication process:
✔️Physically have possession of the cloudAshur module
✔️Know the 7-15 digit PIN (password) which is entered via the cloudAshur onboard keypad
✔️Know the login credentials for the CloudAshur client app
✔️Know where the data is stored (which cloud)
✔️Know the login credentials for the cloud account

With the cloudAshur, you can use the cloud safely. You are in control of your data.

ENCRYPT

ENCRYPT your data with the cloudAshur encryption module. The cloudAshur hardware encryption module encrypts all data in transit and at rest with a FIPS certified randomly generated AES 256-bit encrypted encryption key, which is stored and protected within a dedicated iStorage secure microprocessor (Common Criteria EAL5+ (Hardware Certified) ). cloudAshur grants the user full and secure control of the encryption key, thus protecting data even if the cloud account is hacked. cloudAshur also encrypts data stored on a local network drive, portable data storage devices as well as PCs/MACs.

 

 

 

encrypt
diskashur-M2-measurement

share

SHARE and collaborate your data using the CloudAshur KeyWriter application (recommended optional extra).

The patented cloudAshur KeyWriter application enables the required number of cloudAshur modules to be cloned with the same encryption key allowing real-time, ultra-secure collaboration with authorised users regardless of location.

cloudAshur KeyWriter copies all critical security parameters including the randomly generated encrypted encryption key and all PINs between the Master cloudAshur module and as many Secondary cloudAshur modules as required using any off the shelf USB hub.

This allows secure and instant collaboration in the cloud between authorised users, as well securely sharing encrypted files on a local network drive, portable data storage device or via email and file transfer services.

The KeyWriter software has zero visibility of both the session key and decrypted data. This makes it impossible for a hacker to access or retrieve any critical security parameters stored within the cloudAshur module.

 

Clear

manage

MANAGE using the CloudAshur Remote Management Console (recommended optional extra).

The cloudAshur Remote Management Console provides the IT Administrator full visibility and control of all cloudAshur modules deployed within the organisation. Administrator capabilities include temporarily disabling or resetting cloudAshur encryption modules, restricting file types, viewing user log files, displaying user location, as well as restricting the time and location users can access cloudAshur modules

Clear
manage

What is included

CloudAshur Encryption Module with Aluminium Sleeve.

Quick Start Guide.

3 Year Warranty.

Not Included: The CloudAshur KeyWriter and CloudAshur Remote Management Console are recommended optional extras

cloudAshur

Frequently Asked Questions

Customer Reviews

1 review for CloudAshur Encryption Module

  1. Sam

    Great

Add a review

Your email address will not be published.

What Is the difference between all your devices?

What are the Detailed Product Specifications?

To achieve data privacy, encryption of data is important, protection of the encryption key is vital. To be a truly secure solution, it is imperative that the encryption key is stored away from the data. That is why we developed the cloudAshur Hardware Security Module (patent pending), a PIN authenticated hardware encrypted security module, that encrypts all data in transit and data at rest with a FIPS certified randomly generated AES 256-bit encrypted encryption key which is stored within a dedicated iStorage secure microprocessor (CC 4+ Ready). cloudAshur is the perfect solution for anyone wanting to securely store, share, manage and monitor data in the cloud. It eliminates the security vulnerabilities that exist with cloud platforms, such as lack of control and authorised access.

ENCRYPT

to ensure the ultimate protection of your data stored in the cloud or on your local PC/ MAC or any data storage device

SHARE

your encrypted data with authorised users in the cloud as well as via email and file transfer services, in real-time

MANAGE

and monitor your cloudAshur devices centrally to achieve data privacy, encryption of data is important, protection of the encryption key is vital.To be a truly secure solution, it is imperative that the encryption key is stored away from the data.That is why we developed the cloudAshur Hardware Security Module (patent pending), a PIN authenticated hardware encrypted security module, that encrypts all data in transit and data at rest with a FIPS certified randomly generated AES 256-bit encrypted encryption key which is stored within a dedicated iStorage secure microprocessor (CC 4+ Ready).

What is the Product Weight, Dimensions & Storage Capacity?

Additional information

Weight 0.037 kg
Dimensions 1.3 × 1.9 × 8.7 cm
Inclusions

Encryption Module Only, Encryption Module & Remote Management Console(1yr)

Product Overview

CLOUDASHUR ENCRYPTION MODULE KEY FEATURES

PIN authenticated, hardware encrypted, cloud encryption module (patents pending)

Ultra-secure 7-15-digit PIN to authenticate the cloudAshur module

Compatible with Windows and macOS

CloudAshur client applications are Windows (7/8/10) and macOS (Sierra/High Sierra/Mojave) compatible.

FIPS 140-2 Level 3 compliant tamper proof & evident design

All critical components within the cloudAshur enclosure are covered by a layer of super tough epoxy resin, which is virtually impossible to remove without causing permanent damage to the critical components.

If breached, the cloudAshur modules tamper evident design will provide visible evidence that tampering has occurred.

On-device Crypto-chip

Offering 100% real-time military grade AES-XTS or AES-ECB 256-bit Hardware Encryption with FIPS PUB 197 certified USB 3.0 encryption controller.

Two encryption modes

The cloudAshur can be configured in two encryption modes AES-ECB 256-bit (FIPS Compliant) and AES-XTS 256-bit.

 

Five factor authentication

Something you have:
The cloudAshur hardware security module.
Something you know:
7-15 digit Admin/User configurable PIN
Username and password for the iStorage cloudAshur Windows or macOS client app
Where the data is stored, which cloud provider
Username and password for the cloud account

Uniquely incorporates Common Criteria EAL4+ ready secure microprocessor

Which offers ultimate security against hackers, detecting and responding to tampering with features such as:
Dedicated hardware for protection against SPA/DPA/ SEMA, DEMA attacks
Advanced protection against physical attacks, including Active Shield, Enhance Protection Object, CStack checker, Slope Detector and Parity Errors
Environmental Protection Systems protecting against voltage monitor, frequency monitor, temperature monitor and light protection
Secure Memory Management/Access Protection

Brute force hack defence mechanism

If the User PIN is entered incorrectly 10 consecutive times, the User PIN will be deleted and the drive can only be accessed by entering the Admin PIN in order to reset the User PIN. (Admin can change this from the default 10 incorrect PIN entries, to 1-9, for the User only)

If the Admin PIN is entered incorrectly 10 consecutive times, all PINs and the encrypted encryption key will be lost forever.

 

Two encryption modes

The cloudAshur can be configured in two encryption modes AES-ECB 256-bit (FIPS Compliant) and AES-XTS 256-bit.

Separate Admin and User modes

Supports independent Admin and User PINs.

User PIN enrolment

The Admin can set a restriction policy for the user PIN. This includes setting the minimum length of the PIN, as well as requiring the input of one or more ‘Special Character’ if needed.

The ‘Special Character’ functions as ‘SHIFT + digit’

Inactivity Auto-lock

Configurable to lock after a predetermined period of inactivity. cloudAshur automatically locks when unplugged from the host computer or when there is no longer any power to the USB port.

Self-destruct feature

Pre-program the cloudAshur with a self-destruct PIN, which once entered, the encrypted encryption key and all PINs are deleted.

IP58 certified

Dust and water resistant. Includes hard anodized and ruggedised extruded aluminium protective sleeve.

One-time User recovery PIN

The Admin can program the cloudAshur with a onetime recovery PIN. This is extremely useful in situations where a User has forgotten the PIN to authenticate the cloudAshur.

This feature allows the User to enter the Recovery PIN and configure a new User PIN.

Polymer coated, wear resistant on-board alphanumeric keypad

The cloudAshur is authenticated (unlocked) and all functions are performed using the onboard keypad with zero host involvement. cloudAshur is not vulnerable to key-loggers and brute force attacks.

The cloudAshur keypad is coated with a layer of wear resistant polymer for added protection.

Immune to Bad USB

Both the USB Cryptochip and Secure Microprocessor incorporate digitally-signed flash lock mechanisms making the cloudAshur immune to Bad USB.

Whitelisting on networks

Configured with a unique VID/PID and internal/external serial number with barcode, allowing easy integration into standard end-point management software (white-listing), to meet internal corporate requirements.

Customisation services available

Offering an in-house PIN configuration and laser-etching service whereby the cloudAshur sleeve or side of the module can be customised with your name, company name and/or logo, web/email address, phone number.

 

CLOUDASHUR KEYWRITER (PATENT PENDING)

 

Makes sharing of data in the cloud, via email and fi le transfer services between authorised users a breeze with ultimate security and peace of mind!

KEYWRITER FEATURES

iStorage KeyWriter copies all critical security parameters including the randomly generated encryption key and all PINs between the Master cloudAshur module and as many secondary cloudAshur modules as required using any off the shelf USB hub, allowing authorised users to securely share data with one another, in real-time, regardless of their location.
The critical security parameters never leave the cloudAshur module and are stored in the Common Criteria EAL4+ ready secure microprocessor.
The process of copying the encrypted encryption key and all critical credentials between the Master cloudAshur module and the secondary cloudAshur modules is protected by a secure protocol incorporated within the iStorage cloudAshur secure microcontroller. The protocol is implemented using cryptographic algorithms, all of which are FIPS certified. Every cloudAshur has a unique certificate issued by a root of trust, which ensures that only iStorage cloudAshur modules can be used during the key exchange process.
The cloudAshur modules never output the established session key when running the secure protocol and the sensitive data being copied is only decrypted in the validated recipient cloudAshur module. The iStorage KeyWriter software running on the PC coordinates the operations required by the secure protocol, however the software has zero visibility of both the session key and decrypted data, making it impossible for a hacker to access or retrieve any critical security parameters stored within the cloudAshur module.
iStorage KeyWriter is compatible with Windows (Vista/7/8/10).

 

CLOUDASHUR REMOTE MANAGEMENT CONSOLE

Gives you full control of all cloudAshur hardware security modules deployed within your organisation offering a wide range of features to manage all users.

Remote Management Console

CONSOLE FEATURES

iStorage Remote Management Console provides the Administrator full visibility and control over the following:

Temporarily disable or reset (remote kill) Users cloudAshur modules – in the event of suspicious activity or an employee leaving the organisation without returning their cloudAshur encrypiton module.
Restrict file types – control what fi le types are being uploaded and shared in the cloud (EXE, PNG, PDF, etc…)
View User’s log files – full visibility over what each User is doing in the cloud, such as, what files they are uploading,downloading, modifying, etc…
Display User’s location – You can view the location of User’s cloudAshur modules via an on-screen map.
Geofencing and Time fencing – restrict the time and location of where and when the cloudAshur encryption module can be used by each individual User.
iStorage Remote Management Console is compatible with Windows (Vista/7/8/10).

Product Technical Specifications

Hardware Hardware Security Module (patent pending)
Interface FIPS PUB 197 certified USB 3.0 encryption controller
Battery 3.7V Li-Polymer rechargeable battery
Dimension H/W/D 87.40mm / 19.40 mm / 13.40mm
Weight Without sleeve: approx. 28 grams With sleeve: approx. 37 grams
Compatibility CloudAshur is compatible with both PCs and MACs and works with numerous cloud providers including Amazon Drive, Google Drive, OneDrive, Dropbox, iCloud and many more
Hardware data encryption Can be configured in two encryption modes AES-ECB 256-bit (FIPS Compliant) and AES-XTS 256-bit
Certifications FIPS 140-2 Level 3, NLNCSA BSPA & NATO Restricted Level (Pending Q3/Q4)
Ordering information IS-EM-CA-256
Warranty 3 year warranty with free lifetime technical support

 

Product Documentation

Encryption Module Resources:

Data Sheet

Manual

Quick Start Guide

 

Remote Management Console Resources:

Data Sheet

Manual

 

KeyWriter Resources:

Data Sheet

Manual