IRONCLAD is an encryption toolkit that serializes data to devices on the corporate network. At the core, it uses industry standard symmetric and public key cryptographic approaches to encrypt data on sanctioned network computers. Files are decrypted as the user works with data and reencrypted when not in use. Encryption functions are performed using a service hosted in the user's operating environment, using keys seeded from a quantum random number generator (QRNG). Data encrypted can only be decrypted by a user within an authorized network security group.
Keys are generated from random processes that cannot be reverse engineered using properties of the user environment.
Standard, pluggable algorithm archicture allows for crytographic choices that align with corporate information security policies or the use of enterprise-sanctioned cryptographic suite vendors.
Files are encrypted independently of the disk, allowing the disk to be freely optimized without corrupting the supporting encryption blocks.
Files can be recovered by authorized members of enterprise security groups, providing ease of encrypted file sharing within work groups without traditional reassignment overhead associated with other encryption processes.
Files are resilient and recoverable given damage to the user device, meaning that replacing a network card or core mother board of a user's computer does not invalidate or render protected files unrecoverable.
Phishing is the malicious act of sending a message to an unsuspecting recipient that entices them to either reveal proprietary information or execute a message attachement that subsequently establishes a point of exploitation on the user's network.
Exploits or unsanctioned devices executed on the corporate network are particularly dangerous because they are not governed by enterprise inforation security policies and can easily enable the exfiltration of sensitive or valuable data.
For exploits on sanctioned devices, moving data outside the enterprise happens as the legitimate user works, without his notice. Unsanctioned devices attempt connection to legitimate corprotate resources, and attempt to move data off premisis upon their access.