Secure Code Signing

The Challenge with Globally Distributed Research and Development Organizations (Data Analytics, Secure Code Signing, Secure Collaboration)

The globalization of the world’s economic system has produced a flattened global business landscape that transcends even the far-reaching “World is Flat” views postulated by Friedman in 2005. Research and development organizations are no longer housed in a single building, a single bullpen, or even within a single geographic location. The meteoric rise of outsourcing coupled with rapid acquisitions and divestitures of companies has produced a global landscape in which project taskings are allocated across geographical and governmental boundaries, creating an effective 24/7 development environment. Developers in multiple countries may operate in a shared development environment, using local toolsets to develop code, and then sign them and upload them into a cloud.

For other development efforts, such as distributed drug discovery operations, clinical trials, and data analytics, the globally distributed workforce uses similarly large application and data stores and then submits results to a central archive for processing and analysis. Common to all of these distributed environments is the need for unprecedented information assurance to ensure protection of intellectual property as well as prevent the insertion of malware or spurious code. Data and code signing and strong authentication is mandatory in these instances. The strong authentication issues are compounded by the need for large sizes of secure local storage for the support of large development toolsets and/or data stores for “in memory” data analytics.

How SPYRUS Helps

SPYRUS Windows To Go and PocketVault™ P-3X USB 3.0 encrypting storage devices provide an outstanding solution to meet the challenges involved with supporting a globally distributed research and development environment. The full spectrum of features provided by the pocket-sized SPYRUS family of Windows To Go devices including capacities to 512 GB and internal FIPS 140-2 Level 3 rated HSMs assure a secure, managed endpoint that is an extension of the corporations IT infrastructure. And additional benefit results when the IT costs are reduced from enterprises assimilating other organizations through M&A processes, where the overall cost of integration can be markedly reduced by providing the SPYRUS Windows To Go solution as a common computing platform regardless of the brand, OS, form factor of the laptop or desktop it is plugged into. The PocketVault P-3X, having SSD-like speeds over the USB 3.0 connection, also uniquely includes an internal FIPS 140-2 Level 3 HSM and can be utilized as a program data store for non-Windows development environments such as LINUX, VxWorks, or other real time operating systems for systems development.

Some notable features are as follows:

Safeguard Code Signing Keys

SPYRUS Rosetta HSM can securely safeguard individual code signing keys for developers along with Visual Studio, SharePoint, and TFS tools to improve the security and audit process for code development. (SPYRUS Rosetta HSM)

Protect Operating Environment and Developer Toolchains

SWTG DataVaults enable developers to store content in a hardware encrypted memory partition while protecting the Windows operating environment and developer’s toolchains from malware when using Read-Only mode. DataVaults can also be provisioned to enable the developer to access their content when inserting the SPYRUS Window To Go drive into a booted Windows PC or tablet and used as an encrypting USB storage drive to enable the secure transfer of development files before and after travel. (SPYRUS Windows To Go Live Drives)

Security for Data at Rest

SPYRUS WorkSafe™ Pro and Secure Portable Workplace™ use advanced XTS-AES 256 mode of encryption, totally transparent to the user while operating at SSD category speeds, is the IEEE standard for full disk encryption and much stronger than using software based full disk encryption. For added protection without reducing performance, SPYRUS provides its Defense-in-Depth two-layer encryption protection by enabling optional BitLocker software encryption, with the BitLocker passwords securely protected in the hardware encrypted memory partition. (SPYRUS Windows To Go Live Drives)

Mitigate Data Leakage and Malware Propagation

For teleworkers performing their duties by accessing cloud based applications or via remote portals, the SWTG devices provisioned for Read-Only provide strong cryptographic security for VDI and thin-client applications by eliminating persistent data changes to the data stored on the drives and also mitigate the persistent threats of exfiltration and malware propagation. (SPYRUS Windows To Go Live Drives)

Device and Data Management

All SWTG products are complemented by the SPYRUS Enterprise Management System (SEMS).   SEMS offers risk management via global, national and organizational control over those important corporate and personal IT information assets which have previously been confined and protected within the physical IT infrastructure of a facility, but now require protection as they travel the world within USB endpoint devices.   SEMS provides central management for SWTG drives with numerous policy driven functions including user access, device enablement/disablement, “kill” inoperability, group or user policy changes, audit recording, and password changes. The SEMS architecture allows an unlimited number of devices to be managed with facilities for multiple administrators based on organizational needs and policies. The persistent audit trail provided by SEMS permits the real time monitoring of an “Acceptable Usage Agreement” for BYOD support.

In-field updates and policy changes can be uniformly administered with SEMS and SCCM with common procedures rather than returning devices to a central “loan pool.”   SEMS ease of use is an important management and cost consideration in deploying scalable device management systems. Under SEMS, System Administrators primarily operate in a demand-based environment. SEMS allows them to take actions for control of devices based on user-driven operational help requests, threat circumstances, or organization-driven policy changes. (SPYRUS Enterprise Management System – SEMS)

We already work with:

Speak to an Expert

If you would like to speak with a SPYRUS expert regarding our products and services, please click on the button below to get all of our contact information. We look forward to assisting you and answering all of your questions.