Special Note Regarding POODLE Vulnerability:
The IronKey engineering team have performed testing against our existing Enterprise Management (EMS) Cloud Service and have determined that it is not vulnerable to POODLE. The EMS Cloud Service does not make use of the RC4 cypher, and in addition IronKey has disabled SSLv3. In regards to the Enterprise Management On Premise Server, the latest version 5.2 (released recently) is also not POODLE vulnerable as there is no use of SSLv3. For customers of earlier versions of Server we recommend either (1) updating to the most recent version 5.2, or (2) confirming with your security teams that SSLv3 is not allowed to access the Enterprise Server.
Special Note Regarding the Shellshock vulnerability:
The IronKey Security Engineering Team has evaluated the IronKey management systems security posture and exposure to the Shellshock vulnerability. It was determined that the IronKey management systems, including Enterprise Management cloud service, Enterprise Management on premise server, and ACCESS Enterprise are not exploitable by the Shellshock vulnerability.
Please visit the Special Notification Archive to view past notifications.