Designed for high security and medium assurance applications the secure laptop configuration uses the SPYRUS Rosetta microSDHC™ HSM hardware and SPYRUS NcryptNshare™ RES Disk software on a standard commercial Windows tablet. Combined with Microsoft security settings and GPOs creates an easy to deploy and simple to use secure system. Combined with customizable deployment and configuration options make this a simple solution to deploy and use without comprising security or data integrity.
The solutions uses the FIPS 140-2 certified Rosetta HSM Smartcard in a microSDHC format with the SPYRUS NcryptNshare RES Disk software to create a hardware authenticated virtual vault on the tablet hard drive. Combined with Microsoft security policies rendering the remaining portion of the tablet hard drive unwritable to the user and blocking the use of external storage devices. With the creation of an administration Recovery Agent token a system or security administrator can be given access to add, remove or audit information in the vault.
Once deployed the user will simply boot their tablet, once they authenticate to Windows the RES Disk login widow will pop up for authentication to their workspace. One the password is entered and the Vault has been authenticated the user can work as usual. The rest of the hard drive will be unavailable for use leaving all data secured with two layers of hardware and software encryption.
For an additional layer of hardware encryption the solution can be configured on a SEMS™ managed or standalone SPYRUS WorkSafe™ Pro Windows to Go drive.