Past Special Notices:
November 12, 2014
Special Note Regarding POODLE Vulnerability:
The IronKey engineering team have performed testing against our existing Enterprise Management (EMS) Cloud Service and have determined that it is not vulnerable to POODLE. The EMS Cloud Service does not make use of the RC4 cypher, and in addition IronKey has disabled SSLv3. In regards to the Enterprise Management On Premise Server, the latest version 5.2 (released recently) is also not POODLE vulnerable as there is no use of SSLv3. For customers of earlier versions of Server we recommend either (1) updating to the most recent version 5.2, or (2) confirming with your security teams that SSLv3 is not allowed to access the Enterprise Server.
September 29, 2014
Special Note Regarding Shellshock:
The IronKey Security Engineering Team has evaluated the IronKey management
systems security posture and exposure to the Shellshock vulnerability. It was
determined that the IronKey management systems, including Enterprise Management
cloud service, Enterprise Management on premise server, and ACCESS Enterprise are
not exploitable by the Shellshock vulnerability.
August 1, 2014
Special note regarding the "BadUSB" attack:
The premise of the BadUSB attack proof of concept software is that you can change the firmware of the USB device. A fundamental feature that every enterprise bound USB should have is preventing firmware from being altered.
IronKey has always been on the front lines of providing secure USB drives and its devices have digitally signed firmware with verification on startup. IronKey’s approach, which has been validated by NIST in IronKey FIPS 140-2 Level 3 devices (http://csrc.nist.gov/groups/STM/cmvp/standards.html) means that if the firmware is tampered with, the device won’t function.
April 15, 2014
Special note regarding the Heartbleed attack:
The IronKey Enterprise Service and Enterprise Server are not vulnerable to the Heartbleed attack. We are running OpenSSL v1.0.0 or 0.9.8 which are NOT subject to this attack.
April 6, 2016
File Audit Available In Early Availability:
File Audit allows your organization to run file audits on Secure Storage devices to capture and report the files and directories in the secure partition of managed devices. Devices report the audit data securely to a supported log server, or report server. File Audit addresses the need to identify files on lost or stolen IronKey devices; satisfying enterprise risk compliance, audit requests and to identify improper data custody. File Audit is licensed as a separate feature in IronKey Enterprise Management. File Audit is available for S250 and D250 devices using IronKey Enterprise 184.108.40.206. Please contact IronKey Product Management at email@example.com.
April 6, 2016
Force Update Ensures End Users Perform Device Updates:
Force Update enables the enterprise administrator to force end users to update their IronKey Secure Storage devices via group policy. The administrator configures a grace period for the end user to complete a device update. If a device is not updated within the grace period it is put into read-only mode until the update is completed. Force Update is available for S250 and D250 devices using IronKey Enterprise 220.127.116.11.
April 6, 2016
IronKey WorkSpace W700SC Managed By EMS:
IronKey's Workspace W700SC is now manageable through this service. With the IronKey Workspace W700SC, active-duty military personnel, government employees and federal contractors can use their CAC or PIV smart cards to unlock their IronKey Workspace W700SC drive so agencies are in full compliance with HSPD-12. For more information, visit IronKey.com
April 6, 2016
Release of IronKey Enterprise 18.104.22.168 for S250 and D250:
IronKey Enterprise 22.214.171.124 for S250 and D250 devices is now available.
- Resolved an issue where not all special characters are accepted in the password if policy requires special characters.
- Updated expired certificates and added additional root certificates.
- Resolved an issue where Admin Console did not report correct device version after update.
ePolicy Orchestrator (ePO) 5.3 Notification:
During a recent release of ePO 5.3, a change in the Intel Security ePO API that provides a mechanism for communicating events to the eOP console was identified. The result is that events for Encrypted USB managed devices are not recorded or displayed in the console. Official support is currently for ePO versions 4.6, 5.0 and 5.1. We are are working closely and urgently with Intel Security to resolve this issue. We recommend that customers do not upgrade to ePO 5.3.x until this issue is resolved. If you encounter this issue or are awaiting a fix, please contact firstname.lastname@example.org. Our Technical Support team will record your contact information and alert you once the issue has been resolved.