Spyrus Secure Pocket Drive Gains Patent

Adding to its portfolio of domestic and international patents, SPYRUS, Inc. was issued U.S. Patent No. 7,757,100 on July 13, 2010 for protecting and launching a native operating system from a secure USB flash drive.

This patent covers the implementation of a secure boot loader to authenticate and check the integrity of an encrypted storage device and the operating system loaded onto it. This new patent was issued to SPYRUS, Inc. as a continuation of patent 7,380,140. Additionally, the patent describes how user data on the encrypted device can be backed up without decryption.

This new patent, in addition to several others in the SPYRUS portfolio, is leveraged by the SPYRUS Secure Pocket Drive to create a self-contained PC operating environment that you can carry in your pocket. The advanced hardware security of the Secure Pocket Drive ensures that the operating system loaded onto the device at the factory is the same operating system that will be launched each time Secure Pocket Drive is booted. Using the componentized Windows Embedded Standard as the installed operating system allows SPYRUS to decrease the threat surface even further by eliminating system components that are not required to support the desired functionality of the device.

The SPYRUS Secure Pocket Drive also has been verified as Citrix Ready. The Citrix Ready program helps customers identify third-party solutions that are recommended to enhance virtualization, networking and cloud computing solutions from Citrix. Secure Pocket Drive completed a rigorous verification process to ensure compatibility with Citrix XenApp, providing confidence in joint solution compatibility.

The combination of Citrix XenApp and the SPYRUS Secure Pocket Drive creates a portable computing environment that can be deployed anywhere by mobile workers without fear of keyloggers or screen-scrapers on home or public PCs capturing passwords and risking the compromise of confidential information.

The Remote Access Edition of Secure Pocket Drive also prevents a rogue employee from leaking confidential information, because the host PC’s internal hard drive isn’t mounted, print drivers are not loaded, and data cannot be written to the device itself. Secure Pocket Drive can be managed through enterprise domain group policy settings, just like any other PC.

Secure Pocket Drive utilizes advanced hardware security techniques to provide the most secure, trusted, zero footprint operating environment for the mobile user. Its hardware crypto core is Common Criteria EAL 5+ validated and it was designed to meet FIPS 140-2 Level 3 specifications for tamper resistant epoxy potting with built-in anti-tamper and self-destruct mechanisms. This protects the device against unauthorized access to the device and data. Level 2 validation was granted and Level 3 validation is pending.

Secure Pocket Drive uses the same on-board hardware security infrastructure built into the SPYRUS Hydra Privacy Card family, including XTS-AES 256, AES CBC, ECDH, ECDSA, ECC P-384, and SHA-384, which together make up the National Security Agency’s Suite B cryptography. Every sector of the device’s memory is protected with advanced, hardware-based XTS-AES 256-bit encryption recommended by the NIST SP800-38E standard for full disk encryption.

Several editions of Secure Pocket Drive are available to federal, state, and local governments in configurations of 2GB, 4GB, 8GB and 16GB memory sizes. By installing packaged or custom applications, organizations can allow users to perform standard desktop functions such as e-mail, word processing, spreadsheets, database, network/internet browsing and scheduling. Secure Pocket Drive can be customized to meet organization-specific requirements.

"Because XenApp is in such wide use, our customer base is as excited as we are to have Secure Pocket Drive validated under the Citrix Ready program," said Tom Dickens, Chief Operating Officer of SPYRUS. "Public sector organizations understand the need for mobility, but are wary of employees using untrusted USB flash devices and home PCs. Security for the Secure Pocket Drive is designed, developed, and manufactured in the U.S.A. to mitigate the dirty supply chain problem that is of increasing concern to governments around the world. The Secure Pocket Drive brings Security to the Edge for an entire Windows-based operating environment that is securely protected, self-contained and portable."