IronKey Enterprise S200 User manual
PAGE 1IRONKEY USER GUIDE
IRONKEY Personal
User Guide
Models
S200, S100
D200
PAGE 1IRONKEY USER GUIDE
Thank you for your interest in IronKey.
IronKey is committed to creating and developing
the best security technologies and making
them simple-to-use, affordable, and available
to everyone. Years of research and millions of
dollars of development have gone into bringing
this technology to you in the IronKey.
For a quick product overview, you can also view
our online demos at https://www.ironkey.com/demo.
We are very open to user feedback and would
greatly appreciate hearing about your comments,
suggestions, and experiences with the IronKey.
Standard Feedback:
feedback@ironkey.com
Anonymous Feedback:
https://www.ironkey.com/feedback
User Forum:
https://forum.ironkey.com
PAGE 2IRONKEY USER GUIDE
CONTENTS
What is it? ................................................3
Meet the IronKey .......................................................3
Core Features ..........................................................3
Device Diagrams .......................................................5
Technical and Security Notes ..............................................6
IronKey Device Security .................................................6
IronKey Services Security ................................................7
How does it work? .........................................9
Product Walkthrough ....................................................9
Initializing and ActivatingYour IronKey on Windows ............................9
Using the IronKey Unlocker on Windows ...................................11
Initializing and ActivatingYour IronKey on a Mac .............................12
Using the IronKey Unlocker on a Mac .....................................13
InitializingYour IronKey on Linux .........................................14
Using the IronKey Unlocker on Linux .....................................14
Using the IronKey Control Panel (Windows and Mac) .........................16
Using the IronKeyVirtual Keyboard (Windows Only) ..........................19
Using the IronKey Identity Manager (Windows Only)..........................21
Using the Secure Backup Software (Windows Only) ..........................23
.................24
Using my.ironkey.com (Windows and Mac) .................................26
UsingYour IronKey in Read-Only Mode (Windows, Mac, Linux) ..................28
...................................................29
What’s next? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Where can I go for more info?............................................30
Who is the IronKey Team? ...............................................30
Contact Information ....................................................31
PAGE 3IRONKEY USER GUIDE
What is it?
Meet the IronKey
The IronKey Personal Secure Flash Drive, designed to be the world’s
privacy with some of today’s most advanced security technologies. Even
if your IronKey is lost or stolen, your data remains protected and can
even be restored to a new IronKey from an encrypted backup. While the
underlying security technologies are complex, the IronKey is simple to use
and you only need to remember a password to unlock it.
Core Features
Hardware-Encrypted Flash Drive
Your IronKey can safely store 1, 2, 4, 8, or 16 gigabytes of documents,
government information, and it cannot be disabled or accidently turned
off.
Self-Destruct Sequence
If the IronKey Cryptochip detects any physical tampering by a thief or
a hacker, it will self-destruct. Similarly, after 10 consecutive incorrect
password attempts
technology.
Anti-Malware Autorun Protection
Your IronKey helps protect you from many of the latest malware threats
unapproved programs, and it can be unlocked in a Read-Only Mode.
PAGE 4IRONKEY USER GUIDE
Portable Cross-Platform Data Access
Windows 2000, XP, Vista, Mac OS X and numerous distributions of Linux.
Simple Device Management
Your IronKey includes the IronKey Control Panel, a central launchpad for
launching your applications, editing your preferences, and safely locking
your IronKey.
Secure Data Recovery
Securely back up the data on your IronKey using IronKey’s Secure Backup
software. It allows you to recover your data to a new IronKey in case
your IronKey is ever lost, and even synchronize data between IronKeys.
Stealth Browsing Technology
Surf the Web safely and privately through almost any network, even across
unsecured wireless hotspots, with IronKey’s Secure Sessions Service. It
can be easily toggled through the onboard Mozilla Firefox web browser.
Self-Learning Password Management
Securely store and back up all your online passwords as you go with the
IronKey Identity Manager. It allows you to automatically log into your
online accounts to avoid keylogging spyware and phishing attacks.
Online my.ironkey.com Account
You can manage all of your IronKeys online at https://my.ironkey.com, a
secure website that requires two-factor authentication to access it. Here
you can recover forgotten passwords, disable device services, and more.
Online Security Vault
If your IronKey is ever lost or stolen, you can easily restore your online
passwords from an encrypted online backup.
Waterproof and Tamper-Resistant
The IronKey was designed to survive the extremes. The IronKey’s rugged
casing is injected with an epoxy compound that makes it not only tamper-
MIL-STD-810F).
Section 508 compliance
The IronKey Control Panel is Section 508 compliant. Users with
disabilities have keyboard navigation and screen reader support.
PAGE 5IRONKEY USER GUIDE
Device Diagrams
The IronKey has been designed from the ground up with security in mind.
A combination of advanced security technologies are used to ensure
maximum protection of your data. Additionally, the IronKey has been
designed to be physically secure, to prevent hardware-level attacks and
tampering, as well as to make the device rugged and long-lasting. You can
rest assured that your data is secured when you carry an IronKey.
This IronKey Cryptochip is hardened against physical attacks such as
its protected data or reset the password counter. If the Cryptochip
detects a physical attack from a hacker, it will destroy the encryption keys,
Area to engrave
your name/code
Multi-color LED
USB 2.0
Connector
Cap
Rugged case
Laser-engraved
unique serial number
devices)
PAGE 6IRONKEY USER GUIDE
Technical and Security Notes
We are endeavoring to be very open about the security architecture and
technology that we use in designing and building the IronKey devices and
online services.There is no hocus-pocus or handwaving here.We use
established cryptographic algorithms, we develop threat models, and we
way through design, development and deployment.
IRONKEY DEVICE SECURITY
Data Encryption Keys
» AES keys generated by onboard Random Number Generator
» AES keys generated by user at initialization time and encrypted
»
Self-Destruct Data Protection
»
» Password try-counter implemented in tamper-resistant hardware
» Once password try-count is exceeded, all data is erased by hardware
Additional Security Features
» USB command channel encryption to protect device communications
» Firmware and software securely updateable over the Internet
»
Physically Secure
» Solid, rugged case
» Encryption keys stored in the tamper-resistant IronKey Cryptochip
» All chips are protected by epoxy-based potting compound
»
Device Password Protection
The device password is hashed using salted SHA-256 before being
transmitted to the IronKey Secure Flash Drive over a secure and unique
USB channel. It is stored in an extremely inaccessible location in the
is no “getPassword” function that can retrieve the hashed password), and
only after the password is validated is the AES encryption key unlocked.
The password try-counter is also implemented in hardware to prevent
memory rewind attacks.Typing your password incorrectly too many times
in hardware rather than using software, ensuring the ultimate protection
for your data.
PAGE 7IRONKEY USER GUIDE
Identity Manager Protection
The IronKey Identity Manager and my.ironkey.com work together, giving
you the ability to back up your online passwords to your Online Security
Vault at my.ironkey.com. First, you must unlock your IronKey device, which
requires two-factor authentication. Your passwords are securely stored
generated keys encrypted with a SHA-256 hash of your device password.
All of this data is then doubly encrypted with 128-bit or 256-bit AES
hardware encryption.This is the strongest password protection we have
ever seen in the industry.
When you back up your passwords online, IronKey performs a
complicated public key cryptography handshake with IronKey’s services
using RSA 2048-bit keys. After successful authentication, your encrypted
block of password data is securely transmitted over SSL to your
encrypted Online Security Vault within one of our highly-secure data
facilities.
IRONKEY SERVICES SECURITY
Secure Facilities
IronKey hosts its online services at state-of-the-art third-party data
center facilities. Physical access to the IronKey systems requires multiple
levels of authentication, including but not limited to hand geometry
biometric readers,“man trap” entry, government-issued photo ID
is equipped with numerous surveillance cameras, motion detectors, and
a sophisticated alarm system.The IronKey infrastructure resides in a
secured cage.The entire facility is monitored by dedicated on-site security
personnel on a 24x7 basis.
Secure Environments and Policies
Logical access to the IronKey environments is controlled by multiple
prevention systems and application security appliances. For additional
protection, IronKey partitions its online services and backend applications
into different network segments with independent security rules and
policies.
Secure Communications and Data at Rest
When users access IronKey web sites and services, all information is
exchanged over an encrypted channel.This is accomplished through
applications encrypt all sensitive data prior to transmitting it within the
IronKey network and storing in databases.
PAGE 8IRONKEY USER GUIDE
Secure Sessions: Making Tor Faster and More Secure
IronKey maintains a secure, private Tor network with its own, high-
improves the overall security in at least two ways:
Since IronKey controls the “exit-node” in your encrypted Tor
circuit, we can ensure that no one is injecting unwanted or
malicious content into your online communications, such as
advertisements or spyware.You are not assured this level of
security with other publicly-run exit-nodes.
IronKey can also make sure that no exit-node is redirecting
anti-pharming measure can also help mitigate phishing attacks
and other online threats.
Find lots more technical information at https://learn.ironkey.com.
PAGE 9IRONKEY USER GUIDE
How does it work?
Product Walkthrough
Your IronKey Personal Secure Flash Drive consists of the following components:
» IronKey Unlocker (Windows, Mac and Linux)
» IronKey Control Panel (Windows and Mac)
» IronKey Virtual Keyboard (Windows only)
» Mozilla Firefox and IronKey’s Secure Sessions Service (Windows only)
» IronKey Identity Manager (Windows only)
» IronKey Secure Backup (Windows only)
» my.ironkey.com (Windows and Mac)
Standard Usage Requires:
»
» A USB 2.0 port for high-speed data transfer
» An email address and Internet connection for the online services
INITIALIZING AND ACTIVATINGYOUR IRONKEY ON WINDOWS
Guide. Below is a brief description of the standard way of setting up an IronKey:
Step Description
1 Plug the IronKey into your
Windows computer’s USB port.
Your IronKey can be initialized on a Windows 2000,
XP, Vista computer. It can also be set up on Mac
Linux.
To use the full speed of the IronKey, plug it into a USB
2.0 port.
2 The “Initialize Your IronKey”
screen appears.
The IronKey autoruns as a virtual CD-ROM.
This screen might not appear if your computer does
not allow devices to autorun. You can start it manually
by double-clicking the IronKey Unlocker drive in “My
PAGE 10IRONKEY USER GUIDE
3 Create a device password and a
nickname for your IronKey.
Because you can have multiple IronKeys associated
with one IronKey account, the nickname helps you
distinguish between different IronKey devices.
Your password is case-sensitive and must be at least
4 characters in length. The threat of brute-force
password attacks is removed by the IronKey’s self-
destruct feature.
4 Back up your password to your
online IronKey account
You have the option to back up your password online
to your my.ironkey.com account. That way, if you ever
forget your password, you can safely log into
https://my.ironkey.com and recover it.
5 Agree to the License Agreement The IronKey’s End-User License Agreement appear.s
This can also be found online at:
https://www.ironkey.com/terms
6 The IronKey initializes. During this process, it generates the AES encryption
volume.
7 Activate your my.ironkey.com
account.
my.ironkey.com is a secure site where you can manage
your IronKey account and devices. Accessing
my.ironkey.com
IronKey and your password).
8 Follow the onscreen directions to
setup your my.ironkey.com account.
You will create a unique username and password,
supplemental authentication.
You will also select a Secret Image that you will see
whenever you log in, as well as a Secret Phrase that is
used as an anti-phishing measure when communicating
with you via email.
9
email by entering in the activation
code on the website.
IronKey must verify your email address because it uses
it to help you reset your account password, unlock
your my.ironkey.com account, and to notify you about
account security alerts.
At this point, your IronKey is ready to protect your data, identity, and online privacy.
yy
PAGE 11IRONKEY USER GUIDE
USING THE IRONKEY UNLOCKER ON WINDOWS
It prompts you for your password, securely validates it, and then mounts your secure volume
Step Description
1 Plug in your IronKey and unlock
it with your password.
When you plug your IronKey in, the “Unlock Your
IronKey” window appears.
If this screen does not appear, you can start it
manually by double-clicking the IronKey Unlocker
drive in “My Computer” and double-clicking the
in hardware) will mount your secure volume with
Entering the wrong password 10 consecutive times
will permanently erase all of your data. After every
three attempts, you must unplug and reinsert the
IronKey.
2 Choose which action to take
when you unlock it.
By selecting the corresponding checkboxes before
launch the IronKey Control Panel, unlock the IronKey
securely log into your my.ironkey.com account.
PAGE 12IRONKEY USER GUIDE
INITIALIZING AND ACTIVATINGYOUR IRONKEY ON A MAC
If you prefer to use a Mac, you can choose to initialize your IronKey on a Mac OS X computer:
Step Description
1 Plug the IronKey into your
computer’s USB port.
computers. It can also be set up and used on Windows
and Linux.
To use the full speed of the IronKey, plug it into a USB
2.0 port.
2 Double-click the IronKey drive
on your desktop, and double-click
Your IronKey” screen appears.
The IronKey autoruns as a virtual CD-ROM.
NOTE: You can install the IronKey Auto-Launch
Assistant, which automatically opens the IronKey
Unlocker when you plug in an IronKey. See
“Preferences” in IronKey Control Panel Settings.
only)
3 Create a device password and a
nickname for your IronKey.
Your password is case-sensitive and must be 4 or more
characters long. The threat of brute-force password
attacks is removed by IronKey’s self-destruct feature.
4 Agree to the License Agreement. The IronKey’s End-User License Agreement appears.
This can also be found online at:
https://www.ironkey.com/terms
5 The IronKey initializes. During this process, it generates the AES encryption
This process might take a minute.
PAGE 13IRONKEY USER GUIDE
6 Activate your my.ironkey.com
account.
my.ironkey.com is a secure site where you can manage
your IronKey account and devices. Accessing
my.ironkey.com
IronKey and your password).
7 Follow the onscreen directions to
setup your my.ironkey.com account.
You will create a unique username and password,
supplemental authentication.
You will also select a Secret Image that you will see
whenever you log in, as well as a Secret Phrase that is
used as an anti-phishing measure when communicating
with you via email.
9
email by entering in the activation
code on the website.
IronKey must verify your email address because it uses
it to help you reset your account password, unlock
your my.ironkey.com account, and to notify you about
account security alerts.
At this point, your IronKey is ready to protect your data, identity, and online privacy.
USING THE IRONKEY UNLOCKER ON A MAC
password on a Mac. You can use additional IronKey applications and services on Windows.
Step Description
1 Plug the IronKey into your
computer’s USB port.
2 Double-click the IronKey drive
on your desktop, and double-click
Your IronKey” screen appears.
NOTE: You can install the IronKey Auto-Launch
Assistant, which automatically opens the IronKey
Unlocker when you plug in an IronKey. See
only)
3 Unlock it with your password.
in hardware) will mount your secure volume with
Entering the wrong password too many times will
permanently erase all of your data. After every
three attempts, you must unplug and reinsert the
IronKey.
4 Choose which action to take
when you unlock it.
By selecting the corresponding checkboxes before
launch the IronKey Control Panel, unlock the IronKey
securely log into your my.ironkey.com account.
PAGE 14IRONKEY USER GUIDE
INITIALIZINGYOUR IRONKEY ON LINUX
If you prefer to use a Linux computer, you can choose to initialize your IronKey on Linux:
Step Description
1 Plug it into your computer’s USB
port.
systems only). It can also be setup and used on
Windows and a Mac.
To use the full speed of the IronKey, plug it into a USB
2.0 port.
2 Run the ironkey program from
the IronKey’s linux folder.
The IronKey has a virtual CD-ROM.
You must start the IronKey Unlocker manually by going
to the linux folder and running ironkey.
3 Agree to the license agreement. The IronKey’s End-User License Agreement appears.
terms. (It’s also online at: https://www.ironkey.com/terms)
4 Create a device password and a
nickname for your IronKey.
Because you can have multiple IronKeys, the nickname
helps you distinguish between different IronKey
devices.
Your password is case-sensitive and must be at least 4
characters long. The threat of brute-force password
attacks is removed by the IronKey’s self-destruct
feature.
5 The IronKey initializes. During this process, it generates the AES encryption
This process might take a minute.
Your IronKey is now ready for use.
USING THE IRONKEY UNLOCKER ON LINUX
and Linux computers. You can use the other IronKey applications and services on a Windows
computer.
Depending on your Linux distribution, you might need root privileges to use the program
“ironkey” found in the Linux folder of the mounted virtual CD-ROM. If you have only one
IronKey attached to the system, simply run the program from a command shell with no
ironkey). If you have multiple IronKeys, you will have to specify the device
name of the one you want to unlock.
PAGE 15IRONKEY USER GUIDE
NOTE: ironkey only unlocks the secure volume; it must then be mounted. Many modern
Linux distributions will do this automatically; if not, run the mount program from the command
line, using the device name printed by ironkey.
To change the password of the IronKey named “devicename,” enter:
ironkey --changepwd [devicename]
To lock the IronKey named “devicename,” enter:
ironkey --lock [devicename]
To unlock the IronKey in Read-Only Mode, enter:
ironkey --read-only
To unlock the IronKey with the password “devicepassword,” enter:
ironkey --password [devicepassword]
Simply unmounting the device does not automatically lock the secure volume. To lock the
ironkey --lock
Please note the following important details for using your IronKey on Linux:
1. Kernel Version must be 2.6 or higher
If you compile your own kernel, you must include the following in it:
» DeviceDrivers->SCSIDeviceSupport-><*>SCSICDROMSupport
» DeviceDrivers-><*> Support for Host-side USB
»
» DeviceDrivers-><*> EHCI HCD (USB 2.0) support
» DeviceDrivers-><*> UHCI HCD (most Intel and VIA) support
» DeviceDrivers-><*> USB Mass Storage Support
The kernels that are included by default in most major distributions already have these features,
so if you are using the default kernel that comes with a supported distribution you do not need
to take any other action.
Also, on 64-bit linux systems the 32-bit libraries will have to be installed in order to run the
ironkey program.
2. Mounting problems
Make sure you have permissions to mount external SCSI and USB devices
» Some distributions do not mount automatically and require the following command to
be run:
mount /dev/<name of the device> /media/<name of the mounted device>
» The name of the mounted device varies depending on the distribution.The names of
the IronKey devices can be discovered by running:
ironkey --show
PAGE 16IRONKEY USER GUIDE
Step Description
1 Creating, editing, deleting secure
When you click “Secure Files” in the IronKey Control
Panel, the default browser on your computer opens
directly to your secure volume.
as simple as moving them into the secure volume.
convenience of working as you normally would with a
on” security.
3. Permissions
» You must have permissions to run executables off the IronKey CD-ROM in order to
launch the IronKey Unlocker
» You might need root user permissions
4. Supported distributions
Not all distributions of Linux are supported. Please visit https://support.ironkey.com/linux for the
latest list of supported distributions.
5.The IronKey Unlocker for Linux only supports x86 systems at this time.
See https://support.ironkey.com/linux for more information.
USING THE IRONKEY CONTROL PANEL (WINDOWS AND MAC)
The IronKey Control Panel is a central
location for:
»Launching secure applications
»Securely logging into my.ironkey.com
»
»Updating your device
»Changing your IronKey password
»Safely locking your device
»Getting online help
Most of the Control Panel’s options are
located in the “Settings” menu.
NOTE: The Windows version of the
IronKey Control Panel is shown.
PAGE 17IRONKEY USER GUIDE
2 The IronKey can securely update its software and
hardware. This allows users to keep their devices up-
to-date and protect themselves from future malware
and online threats.
To check for available updates, click the “Check for
Windows: If an update is available, you can
download and install it by clicking the “Download
Update” button.
Mac: You can check for and download policy
updates. However, you must download software
updates on a Windows computer.
3
»You can enable the Identity Manager.
»You can enable Secure Sessions.
»Select the default web browser for your IronKey.
»You can set a device time-out to automatically lock
»You can install the IronKey Auto-Launch Assistant,
which automatically opens the IronKey Unlocker
Important drive maintenance features:
»You can reformat your secure volume.
»You can restore your IronKey applications if they
4
network and proxy settings
Internet:
»Direct Connection: Does not use a proxy.
»Use System Settings
of your computer from the following locations.
Windows: Control Panel > Internet Options
Mac: System Preferences > Network > Proxy
IMPORTANT: Firefox proxy settings must be
the same as System Preferences and IronKey
Control Panel. Firefox does not use System
Preference data.
»: Enter the URL or path to where
»Manual Proxy: Enter the URL and port number for
your proxy server.
If proxy authentication is required, you can enter your
PAGE 18IRONKEY USER GUIDE
5 Creating a Lost and Found Message This feature allows you to create a message that will
appear on the IronKey Unlocker window. In the event
that you lose your IronKey, someone can return it to
you if you provide your contact information.
6 Changing your device password You can change your device password and optionally
back it up online to your Online Security Vault at
my.ironkey.com.
Changing your password on a regular basis is a good
security practice. However, be especially careful to
remember your IronKey password.
7 Viewing device details You can view details about your device, including
to the clipboard for your forum posting or support
8 Adding, renaming, and removing
applications to the Applications List
To manage the items in the Applications List of the
IronKey Control Panel, simply right-click anywhere
in Applications List and click to add, rename, delete
applications in the list.You can also change between
icon and list view.
NOTE:
»Mac: Applications installed on the secure volume
»
»Items are automatically sorted alphabetically.
»
»For items that are not applications,Windows will
open the item with the default program associated
9 Locking and unplugging the IronKey
locks the device. It is then safe to unplug it from your
computer. Ensure that you close all open applications
corruption.
PAGE 19IRONKEY USER GUIDE
USING THE IRONKEY VIRTUAL KEYBOARD (WINDOWS ONLY)
If you are using your IronKey on an unfamiliar computer and are concerned about keylogging
and screenlogging spyware, use the IronKeyVirtual Keyboard, which helps protects your
passwords by letting you click out letters and numbers. The underlying techniques in the
IronKey Virtual Keyboard will bypass many trojans, keyloggers, and screenloggers.
The IronKey Virtual Keyboard can be launched in a couple of ways:
»
your device password, initializing your device), click the Virtual Keyboard icon
»
The IronKey Virtual Keyboard can be used in a number of other applications when you need
Step Description
1 Click the IronKey Virtual
Keyboard icon.
The IronKey Virtual Keyboard
appears.Alternatively, you can
2 Click the keys to type your
password. Click “Enter” when
You can use the IronKeyVirtual Keyboard in
conjunction with the actual keyboard, so that you type
some characters and click some characters.
3 You can optionally click the
“Randomize” button to
randomize where the keys
are. This helps protect against
screenloggers.
When you click a key in the Virtual Keyboard, all of
the keys go blank. This feature prevents screenloggers
from capturing what you clicked.
If you do not want to use this feature, you can disable
it in the options menu next to the close button.
Keyboard to automatically launch when it encounters
Other manuals for Enterprise S200
2
This manual suits for next models
2
Table of contents
Other IronKey Storage manuals
IronKey
IronKey Enterprise S200 User manual
IronKey
IronKey Enterprise S200 User manual
IronKey
IronKey USB Flash Drives User manual
IronKey
IronKey Enterprise S1000 User manual
IronKey
IronKey ENTERPRISE S250 User manual
IronKey
IronKey Workspace W500 User manual
IronKey
IronKey Personal USB Flash Drive Assembly Instructions
IronKey
IronKey Workspace W700-SC User manual
IronKey
IronKey Personal Secure Flash Drive Personal User manual
IronKey
IronKey Secure Flash Drive Enterprise User manual
Popular Storage manuals by other brands
TrekStor
TrekStor DataStation pocket pace 3.0 operating instructions
Synology
Synology DS923+ product manual
IBM
IBM Storwize V7000 Quick installation guide
Iomega
Iomega Desktop Hard Drive UDB quick start guide
Fujitsu
Fujitsu ETERNUS DX Disk Configuration guide
Seagate
Seagate ST3500601XS-RK - 500 GB External Hard Drive quick start guide
Hitachi
Hitachi Travelstar HTS542525K9SA00 Specifications
Sony
Sony MicroVault USM4GP operating instructions
Tandy
Tandy 1000 EX installation guide
morse
morse 400A-96SS-124 Operator's manual
Industrial Devices Corporation
Industrial Devices Corporation Impulse PCW-5181 user manual
Glyph
Glyph GT308-120 Specifications