Please read the full press release here

For further details view our dedicated page on the partnership

If you are eager to start using SafeConsole and SafeStick straight away you can apply for a free evaluation here.

Select Upcoming Events

RSA 2010 – Get free admittance here!
1st – 5th of March. Visit us at stand 645!

CeBIT Hannover in Hall 11, 2nd to the 6th of March, visit us at booth A22!

EasyFairs ICT-INTERNET EXPO exhibition 2010
10th – 11th March 2010 in Bella Center Copenhagen. Stand A022 and A023

Infosecurity Europe 2010 – Get free admittance here!
27th – 29th April, at Earls Court, London. Visit us at stand J80!

A flaw has been found in competing products to SafeStick. SafeStick does not contain this flaw.
The flaw exposed by the independent penetration testing firm SySS enables any user to access the unencrypted data quickly on all shipped drives from select competitors without the required password.

BlockMaster issues this statement to clearly inform customers and partners that this is not a flaw found in any version of SafeStick.

This is in short how SafeStick works in this aspect (in contrary to the flawed drives)

• The user password is verified within the SafeStick hardware device.
• The password set by the user is what gives access to information stored on SafeStick.

SafeStick password and key procedure in more detail

• Password verification is performed onboard the SafeStick device.
• The SafeStick brute-force protection is also operated within the hardware controller.
• The password entered by the user is hashed in the SafeStick computer host software using MD5.
• The unique password string enters the SafeStick BM9930 hardware controller through a private channel over USB.
• The hashed password string is hashed ones more (SHA256) in firmware onboard the SafeStick device.
• The dually hashed password is used to access the hardware encrypted cryptographic keys created with the random number generator (ANSI X9.31 RNG) onboard SafeStick.
• The unique cryptographic keys are used to encrypt all user stored information with AES256-CBC.
• The SafeStick hardware is fully epoxy encapsulated.

1. Delete Does Not Mean What You Think When it Comes to USB Flash Drives.

When it comes to erasing files the Delete button should really read Hide. This is what we call the FAT recovery issue. You “delete” a file from your USB flash drive or perform a Quick Format to “delete” all files. What this actually does is comparable to placing a sheet of white paper, as an only safeguard, over the stack of sensitive documents left on your desk. It just erases the reference to the file in the FAT, the file allocation table that each drive has. The file itself is still there, just in temporary hiding, since standard USB flash drives have no reset feature. Using FAT data recovery or repair tools anyone can bring your “deleted” secrets into the daylight again. This could mean embarrassment or catastrophe depending on the data stored.

2. Misplacing a USB Flash Drive For Any Amount of Time is a Real Risk.

When a drive is misplaced, or left out of sight, your data might be tampered with. New USB malware threaths spreads this way and even worse is that your stored stuff might have been copied of. You never know, because there is no way telling what has happened when you where off guard. Even if you encrypt your files with a security software the encrypted files could be copied off to perform a what is called a parallel off-line attack with rainbow tables and software tampering software. Even script kiddies can pull things like this off. The files are simply there in the open, available for anyone to fiddle around with given the shortest moment of opportunity.

3. Budget USB Flash Drives Puts Your Data at Risk.

If the USB flash drive was to cheap then the flash component part of your USB flash drive is probably fading away at an alarming speed. 8GB can rapidly tare down to only actually store 7GB and the 6GB, 5GB, 4GB, 3GB. You see the pattern. This will risk the stored files and folders. On the actual flash is where your data is stored. Think of flash circuits like little boards with millions of little miniature switches on them. Each switch tells the computer a story about the data stored on the USB flash drive. Good flash have perfect switches, built to last through a life-time of heavy usage. Low-cost bargain USB flash drives can be equipped with switches that are already broken or will fall off and break after even just one use. This means that the storage capacity of the USB flash drive will die of quickly and that the data stored by the faulty switch will become corrupted. This will mean that the files stored are not secure against data loss. Losing work this way can be costly and very annoying.

4. Your Unsecure USB Flash Drive Can Set of a Computer Catastrophe.

The autorun feature that easily can be copied onto any standard USB drive is like a crazy friend that invites thugs with baseball bats to your house warming party. It has no built in judgment what so ever. Windows Autorun consists of two files. One autorun.inf that is a pointer file directed towards the second, the target executable/program that is to run. And it will run anything, and I mean anything, even Conficker which was the malware that highlighted this security flaw. A malicious Autorun configuration can seriously mess up any computer you stick the drive into. The problem is actually so bad that Microsoft removed the autorun completely for removable storage in the upcoming Windows 7 release.

5. Standard USB Flash Drives Have NO Built in Security Features.

There is no password protection or encryption of the data stored on a standard USB flash drive. This might be OK for the family photos but not for your work related data. If you misplace the unsecure USB flash drive you can cause a breach that sets your company back quite a bit of money. Globally over 20 000 000 USB flash drives where lost just last year so you would, sad to say, be in good company. Of course your organization do not want  to end up becoming a headline for something as easy to lose as a USB stick.

What Should One do to Safeguard Data Stored on a USB Flash Drive?

The easiest and by far most cost-efficient solution is to use a high quality secure USB flash drive. Simply make the switch to SafeStick and instantly it will safeguard your portable data. The NHS, the National Health Service, in the UK  choose to protect its data with over 100.000 SafeStick secure USB flash drives. BlockMaster’s proven solution with SafeStick and SafeConsole (central management software) will solve all of the 5 above problems and furthermore help you increase your productivity with secure portable applications and two-factor authentication.

Policies are left in the drawer to gather dust

Over two-thirds of the agencies in the study had policies in place regarding portable storage security and procedures when transferring records to external parties. 58% had experienced a breach of a agency issued device the past 12 months only half of these featured any security precautions.
The full report can be downloaded here

What has lead to the action from the Privacy Commisioner are concerns after multiple incidents in the UK regarding lack of security for USB storage. The breaches are ranging over the full spectrum of goverment organizations. The UK is well known for having an attitude of publishing and high-lighting breaches, more so than many countries.

Some of the latest high-profile USB breach incidents in UK

UK police lose USB stick with terrorist intelligence data
Council loses data on children on USB key lacking password protection and encryption
Data on 5000 prisoners are lost on unsecure USB flash drive

This post will briefly touch on some of the most common challenges for an IT administrator. The answers explain how our SafeStick secure USB flash drives with SafeConsole the central management console can assist corporations with portable storage.

1. Can we enforce password and storage policies with these secure USB flash drives?

SafeStick will ensure that your decided policy is upheld. The user is prompted on first usage to select a password. The password rules for the policy can easily be set up in SafeConsole. Using the FileBlocker feature in SafeConsole it is possible to ban storage of unauthorized executables and other file formats such as MP3.

2. Security is fine. But is it easy to use and will it always work?

Usability is always in the focus of BlockMaster development. This means that SafeStick has unique support for handling network drives and requires no installations or admin rights. Network drives are known to case trouble with USB devices that have multiple drives (often presented as CD-rom drive and storage drive). The problem presents itself as a conflict between drives which means that the secure drive is unable to mount to the system. SafeStick secure usb flash drives will always work if a standard single USB flash drive works. It only requires two drive letters to be available from A-Z. The SafeStick technology to solving the network drive conflicts is unique.

3. What if my users forget the password to SafeStick and they have critical data stored?

Users will forget their password. Three options are available.
1. Either you first enable Password Recovery in the SafeConsole then you will be able to perform a remote password reset without losing data through a secure challenge response procedure that is unique for your organization.

2. The ZoneBuilder in SafeConsole can be configured to automatically unlock the user SafeStick drive once he is authenticated to his Windows User Account using certificate security. ZoneBuilder is normally used to setup trusted workgroups (zones) which enable a project team to share data without sharing the private password. If ZoneBuilder is activated for automatic unlock on the user account it can prompt the user to change his forgotten password. No data will be lost and the procedure is completely self-service once setup.

3. If SafeConsole has not been deployed the user has the option to Reset the device, meaning that SafeStick will factory reset and all stored data will be wiped and the encryption keys renewed.

It is often a good idea to have SafeConsole deployed in a enterprise setting.

4. Will these secure usb flash drives cause a lot of support cases?

No. It is very low in support and there is a very low error rate on the SafeStick hardware since it uses the highest quality components. With SafeStick the security is always on, there is no way of misusing the product. The usage of SafeStick secure usb flash drives is basically self explanatory and there is no need for end-user training. A instructional card (credit card size) is included and this is normally all that is needed. The software is contained on the device itself and seldom causes problems. This should be compared with software encryption solution that are usually support intense and not easy to work with.

5. Can the solution be updated (patched) and is there ongoing development?

Yes the SafeStick drives can be updated in the field using a self-contained executable. There is also the option of updating SafeStick drives in a enterprise setting with an msi. BlockMaster is continuous developing both SafeStick and SafeConsole, the roadmap is extensive and we always strive to be positioned as an innovator. We work with our technology partners to ensure that our customers are always provided with the best product possible.

Next Steps

Learn More By Downloading Our White Paper on Secure USB Flash Drives
Request a Free Evaluation SafeStick

LONDON, UK, 21th April 2009, - BlockMaster, a provider of secure removable data devices, today announces a two-year exclusive contract to distribute over 100,000 SafeSticks to NHS hospitals across the UK. The SafeSticks will provide complete security for all removable storage through military grade hardware encryption, and will be distributed through seven public sector procurement hubs.

West Suffolk Hospital NHS Trust is one of over 100 UK hospitals using SafeSticks to protect portable data. It also installed BlockMaster’s management suite, SafeConsole, to monitor activity on USB sticks six months ago. Other hospitals using the SafeSticks include the George Elliot NHS Hospital Trust in Warwickshire and the Aintree University Hospital NHS Trust.
The SafeSticks which have been installed by Softek, a leading IT Security, Storage and Archiving Solutions distributor, will provide the NHS with complete protection through mandatory password protection and automatic hardware encryption and timer Lockdown functionality which locks SafeStick if there is no user activity for a configurable period of time, preventing data loss if they are lost or stolen. SafeConsole will provide users with full control, remote life-cycle management and device enhancement, with features including remote password recovery, customised password policy, audit for compliance, portable authentication tokens and productivity tools.

Robert Howorth, Senior Technical Architect at West Suffolk Hospital NHS Trust, comments: “We were faced with the constant challenge of keeping our data safe, but also ensuring staff can work remotely to increase efficiencies. The security of patient data is of paramount importance to us, so we needed a device that could provide complete protection against theft or loss. We also wanted the peace of mind that devices could be centrally managed, locking down and wiping data should a device become compromised. We have been delighted with SafeConsole and SafeSticks so far as they are simple to use, which increases adoption and provides reassurance that data is protected no matter where it is.”

Daniel Östner, CEO at BlockMaster comments: “The number of unsecure USB sticks lost each year is a problem we cannot sweep under the carpet. We need to be proactive with USB security and not wait for a breach to happen until we think about it.

“It’s fantastic news to see that the NHS is leading the way with USB security. The introduction of best-practice and diligence by organisations will protect sensitive data on portable devices and prevent embarrassing, as well as costly data breaches.”

Mike Bienvenu, Technical Director, Softek concludes, “Critical data loss is on every IT Director’s mind, and with a frightening 66 per cent of all USB sticks being lost or stolen, data stored on memory sticks simply has to be encrypted – the challenge has been achieving this quickly and easily without employee re-training or disruption.”

BlockMaster and Softek are continuing the roll-out of SafeSticks at more NHS hospitals, local government departments, Education establishments and corporates. In addition to this BlockMaster is adding new features to SafeStick and SafeConsole, which will be announced at InfoSecurity Europe 2009.

- ENDS -

About BlockMaster
Since the first release of SafeStick® in early 2004, BlockMaster has the longest successful track record of delivering secure USB Flash Drives in the world.
BlockMaster delivers full management capability for the administrator and a world-class user acceptance experience for the end-user. From rollouts at Fortune Global 2000 customers we know that the implementation of SafeStick® and its systems is swift, cost-efficient and easy on the end-user.
BlockMaster is headed out of Lund, Sweden with additional offices in Stockholm.
SafeStick® is a registered BlockMaster brand. http://www.GetSafeStick.com/

About The West Suffolk Hospital NHS Trust
The West Suffolk Hospital NHS Trust came into being on April 1st, 1993. It serves an area of approximately 600 square miles which extends to Thetford in the north, Sudbury in the south, Newmarket to the west and Stowmarket to the east. This encompasses a population of approximately 275,000.

The West Suffolk Hospital itself was founded in 1832, moving to its new site in Hardwick Lane in 1973. It was the first of a new design of hospitals to be known as “Best Buy” hospitals. This was the first standard design to combine a compact and economical hospital to meet modern purposes. http://www.wsh.nhs.uk/

About Softek Ltd
Softek is a UK value add distributor (VAD) for IT Security, Archiving and Storage solutions and services.
Softek’s vast technical expertise, and customer service in the field of IT Security is legendary, providing a full range of training and support services to Reseller Partners comprising of ASP/MSP’s, VAR’s, Consultants and System Integrators.
Since inception in 1994, Softek has advocated a comprehensive approach to information security. http://www.softek.co.uk

Press contacts:
Mital Joshi / Kate Mills
Rocket PR
T: +44 (0) 8453-707-024
E: blockmaster@rocketcomms.net

40% of over 100 office workers surveyed by BlockMaster have lost a USB stick at some point, and nearly two-thirds (64%) have left a drive unprotected in a PC, exposed for anyone to potentially access or steal. Meanwhile, ignorance seems to bliss, as nearly a third (30%) of office workers have no idea whether the USB sticks they are leaving around are secure.

The proliferation of USB sticks means this represents a growing problem, globally more than 20 million are lost a year. More than a third of workers (35%) store more than 20 files on their USB sticks, meaning that the loss of a single USB stick can expose a high volume of sensitive corporate information.

Daniel Östner, CEO, BlockMaster said: ”A careless attitude towards USB security appears to be rife amongst British workers, and it means organisations are extremely vulnerable to the threat of data breaches, where IP could become compromised and reputations damaged. Managing the security risks associated with removable storage is one of the biggest challenges faced by IT departments today – protecting data outside the corporate perimeter is no longer an option, but a necessity to prevent data breaches.

Johan Söderström, Chief Technology Officer at BlockMaster continues:
”The evolving internet landscape, brings with it a host of threats to businesses, which are already under pressure to protect corporate assets. To ensure peace-of-mind, it is imperative mobile devices have the necessary protection to fight these threats.

“To stay ahead of these threats we have included within our SafeStick and SafeConsole an Authorised Autorun feature, which prevents organisations being hit by malicious attacks, such as the Conficker worm.”

SafeConsole 3.3, the management software for SafeStick, will be unveiled at InfoSecurity Europe this year, with the following new features to ensure maximum workforce productivity and organisational security:

File Blocker
File Blocker anti-malware can be configured in SafeConsole to put data storage policies, such as banning certain file formats (MP3s and executables) for storage and also terminating executables, such as trojans and malware applications. The Publisher feature enables white-listed applications and content to be securely deployed.

EasyShare
Users are able to share individual files on the SafeStick by creating a temporary password to access the file, thus keeping all other files inaccessible and hardware encrypted when sharing. This unique feature enables users to share documents securely on untrusted machines without exposing the main secure storage area password or files.

Auto disabling
Data at rest on USB sticks is often neglected, but SafeStick will now automatically disable if lost or its whereabouts to the company is unknown for a configurable period of time. This provides greater control for organisations over removable data and removes the burden of manually locking and wiping information.

Certificate Carrier
This feature will enable SafeStick to double-up as a mobile authentication token, targeting organisations that have deployed a Public Key Infrastructure (PKI) and need to provide digital identities for mobile workers.

Mac OS availability
SafeStick is now compatible with the Mac operating system, extending its availability from PC to Mac users. With traditional Mac users including architects and media industry executives, SafeStick will ensure that concepts and designs that provide competitive edge are always protected.

SafeConsole 3.3 and SafeStick will be showcased at this year’s InfoSecurity Europe – visit BlockMaster at stand P75 for a demonstration. All present SafeConsole customers are eligible for an update.

-Ends-

About BlockMaster
BlockMaster provides complete control of your USB drives. SafeStick® offers mandatory password protection and always-on encryption of all stored data. SafeConsole® enforces management control over SafeStick USB drives on an enterprise scale with remote life-cycle management and device enhancement such as remote password recovery, customised password policy, audit for compliance, portable authentication tokens and secure portable application delivery.

SafeStick is available worldwide through distribution in over 40 countries and is trusted to serve the versatile security needs of Fortune Global 500 businesses, government agencies, police and military. Thousands upon thousands of people worldwide have made the switch and choose to protect their privacy and sensitive information with SafeStick.

Further information
Rocket PR
Mital Joshi/Alex Brooks
blockmaster@rocketcomms.net
+44 (0) 8453 707 024

Prevent conficker autorun, malware infection. viruses and trojans from spreading over USB into your networks with SafeStick features Authorized Autorun and File Blocker.

Problem

Conficker has highlighted the danger of standard removable USB sticks. Conficker implants a malicious autorun.inf on removable media as one modus operandum. Any software encryption or protection of the drive will go lost in the process as the Conficker infection lurks at the host and has the upper hand over the open USB flash drive. Given the unfortunate success for Conficker this is likely something that will be the target for copycat virus hackers and repeated over and over again.

Further more standard devices with or without only software encryption are not able to guarantee data integrity since data can be tampered with, copied, replaced or infected with viruses without user misbehaviour, it only takes one infected host to load up a removable drive with viruses and trojans.

Solution

The onboard anti-malware that SafeStick provides with Authorized Autorun and File Blocker further strenghtens the onboard security beyond automatic AES256 hardware encryption. The unique technology aids the user in protecting the device from becoming a liabillity. Rogues files can simply not be copied onto the SafeStick as File Blocker feature defends it automatically. The File Blocker can also be configured in SafeConsole to put in place data storage policies such as banning certain file formats for storage and disabling installation of unauthorized applications. Applications deployed using the SafeConsole feature Publisher is automatically white-listed.

Authorized Autorun has been implemented since SafeStick 3.1.0 and File Blocker will be part of SafeConsole 3.3 presented at this years InfoSecurity 2009 in London at the end of April (requires SafeStick 3.3.0 or later). Visit BlockMaster at stand P75 for a demonstration. All present SafeConsole customers are eligíble for the update.

Organisations using SafeStick with SafeConsole saves costs on password resets. SafeConsole features ZoneBuilder and Remote Password Recovery streamlines password management. If ZoneBuilder is deployed through SafeConsole to users they are able to reset their own passwords in the most efficient manner ever seen. Once the user is authenticated to the user account ZoneBuilder can be configured to reset the SafeStick password if it detects that the user has previously entered faulty passwords. Just plug the SafeStick in and no further user action is needed, only to choose a new password. For Remote Password Resets the SafeConsole features a simplistic IT staff interface that is protected against social engineering. The end-user can call, e-mail or SMS a request and perform a quick challenge-response procedure typically below two minutes including user verification. No data is lost during the SafeStick password resets and the highest level of productivity and security is maintained.

Offering a simplistic yet secure password reset option is paramount when offering a secure USB drive. According to a Gartner study password resets can cost companies up to up to $18 (£12.35) per call, costs that quickly add up in a large organisation. The cost for not getting access to data is of course more significant as it is also often time critical. The BlockMaster solution will combat costs and give access to mission critical data on time by aiding IT staff to offer a swift self-service option and a secure remote password reset.