iStorage Introduces the Ultimate Solution for Cloud Vulnerabilities

Hackers’ Cloud Success Is Bad for Business, Consumers

Criminal hackers chase data where it lives. These days, most data lives in the
cloud. More than 3.6 billion consumers use the cloud, according to Statista.
According to Forbes, eighty-three percent of enterprise workloads will
occupy the cloud by 2020.

Cybercriminals are enjoying the cloud’s success. In recent years, cyber crooks have
compromised billions of cloud records. Clouds such as Amazon Drive, Google
Drive, OneDrive, Dropbox, iCloud, and Amazon Web Services (AWS) are not
immune.

Cloud customers saw 681 million cyberattacks in 2018, according to Dark

Reading. “There was a rash of data breaches involving Amazon Web Services in
2017,” according to the BBC. According to the Washington Post, a 2016 Dropbox
hack saw 68 million user logins posted for sale on the Dark Web. Cyber thugs are
gaining entry into the cloud, getting private consumer information and company
secrets.

The results of cloud breaches are catastrophic. People lose their privacy and
suffer credit card fraud and identity theft. They invest long hours and large sums
in repairing their credit, recovering their identities, and fending off email
“phishing” attacks, phone scams, and account hijackings.

Companies suffer, too. They see brand damage. Boards fire executives that they
hold responsible for lax security. Consumers sue firms that fail to protect their
information. Regulatory bodies exact fines and penalties against breached
enterprises. Some companies close their doors for good due to breaches, leaving
employees without jobs or income.

Loss of Control, Loss of Data

There’s no denying that you give up control of your data when you send it to the
cloud, which makes it hard to keep your information secure and private.
Cybercriminals, cloud employees, and even governments can compromise cloud
data.

Server-side encryption from cloud services decrypts your data when you sign on,
giving criminal hackers instant access to your information through guessed or
stolen passwords. According to Wired, cyber crooks have recently shared a
compiled list of 2.2-billion compromised usernames and passwords on the
internet. Bad-guy hackers have gotten good at grabbing your login information,
making the cloud providers’ default encryption obsolete.

Because your provider keeps your encryption key in the cloud, cloud
administrators who control the keys can see and touch your data. Eighty percent
of security breaches involve privileged credentials, according to Forrester. Any
cyber crook who compromises a cloud administrator’s login details could use
them to access your key and decrypt and steal your information.

Because cloud providers control their encryption, consumer data is vulnerable to

governments whose laws can require cloud companies to reveal it. The U.S.
CLOUD Act of 2018, for example, empowers the U.S. government to force U.S.-
based technology firms to provide data regardless of whether they store it inside
or outside the U.S.

The only way to protect cloud data from criminal hackers, company insiders, and
government regulations is to take the matter into your own hands.

The Perfect Solution in The Palm of Your Hand

While it’s essential to encrypt cloud data, it’s vital to isolate and protect your
encryption key away from the cloud and its vulnerabilities. The perfect solution
stores and encrypts your unique key in a convenient USB encryption module—in
the palm of your hand.

The iStorage cloudAshur USB encryption module encodes your encryption key
sealed inside its military-grade encryption chip, safe from cloud employees,
criminal hackers, and foreign and domestic governments. The cloud-agnostic
cloudAshur module lets you lock down data in clouds such as Amazon Drive,
Google Drive, OneDrive, Dropbox, iCloud, AWS, and many more.
The iStorage cloudAshur supports two extremely robust (256-bit) encryption
modes that meet global standards for safeguarding classified information. The
cloudAshur encrypts data at rest in the cloud (and on PCs, Macs, and storage
devices). The cloudAshur encrypts data in transit in emails and when you use file
transfer services such as WeTransfer.

Protect your cloud data as iStorage cloudAshur leverages five factors of

authentication:

 The USB dongle that encodes your encryption key

 A 7-15 digit PIN to access the USB module via its keypad
 Your username and password for the cloudAshur Client app (Windows and
MacOS)
 Knowledge of your particular cloud provider
 Your cloud login credentials

If you lose the USB module or someone steals it, they must guess the PIN to
access it. If they don’t get it right in 10 tries, the module deletes your encryption
key. The USB module is highly tamper-proof (FIPS 140-2 Level 3 compliant).
Attempts to physically hack it can critically damage its components and the
encryption key.

Secure, Real-Time Data Sharing and Collaboration

With iStorage cloudAshur, you can share cloud data and collaborate securely in
real time through its KeyWriter app. The cloudAshur KeyWriter app (Windows,
patent-pending) enables authorized users to share encrypted cloud data
regardless of location.

The KeyWriter app copies a unique encryption key between your cloudAshur
module and the secondary modules participating in your collaboration. Encrypt
your files and upload them to the cloud; users with secondary modules can
download and decrypt them.

Visibility into Users, Modules, and The Cloud

The iStorage cloudAshur technology enables IT to manage your USB encryption
modules through its Remote Management app. The cloudAshure Remote
Management app (Windows) empowers IT with the visibility to centrally manage
and monitor all your cloudAshur users and their modules.

The cloudAshur Remote Management app enables IT to disable or reset USB

modules to keep encryption keys and cloud data secure in the case of lost or
stolen devices or suspicious activity. The Remote Management app allows IT to
choose what files users can share.

IT can see user logs in the Remote Management app to understand user activity.
The Remote Management app lets IT pinpoint module locations on a map and
restrict the times and places employees can use the devices.