Microcrypt Technologies Ltd.


Data Armoring Innovations for portable protecting of your privacy

Armorino − it is Solid State Secure Storage Portable Drive that can effectively counteract various security threats that arise when dealing with corporate or personal confidential information.

The main purpose of Armorino − safe storage, transfer and backup of confidential information on Windows-based workstations. It is a universal key carrier and a strong authentication tool for various IT systems. To ensure the confidentiality of information the device uses a highly reliable block symmetric cipher AES-256 and the user authentication by a password. The number of failed authentication attempts is limited. "Transparent" encryption and password verification are implemented directly in hardware, which allows to achieve a high level of protection without the performance degradation.

Armorino is a universal tool for two-factor authentication! With it you just need to remember only one password to access the device itself, and all other passwords and secret keys you can save in a hardware encrypted memory of the device. In addition, the device supports authentication mechanisms based on "dynamic" passwords (one-time and temporary) and also on public key certificates!

Armorino is a universal tool for "transparent" data encryption at all stages of its storing and transportation!  Armorino device hardware encrypts all data stored to its protected partition. Also it is integrated with the «Secure Virtual Drive» software, which allows you to create encrypted virtual partitions on local workstations. And Armorino supports creating and restoring of files and folders encrypted backups in the public or private "cloud" storages. In this use case the access and encryption keys to the virtual partitions and the "cloud" storages are also stored in protected memory of Armorino. Together, these features allow you to create a working environment of continuous data protection, regardless of the number of workplaces you have: locally documents are stored to encrypted partitions, but transferred between workstations and backed up in the encrypted form only! In this Armorino is single access key-token to all encrypted storages!

Armorino device can be used for safe storage of critical software, which can be run directly from the drive on any Windows workstation. This way of running mission critical software, in some cases, can significantly increase the degree of protection against malicious programs.

Armorino provides a flexible rights management system and it supports multiple user roles with different access rights. For each privileged role a password-based authentication is required. This system enables you to introduce a uniform security policy at your enterprise and to prevent possible risks associated with password forgetting and as a consequence the loss of important information.

Armorino product line:

  • Armorino Enterprise Edition − a full-featured version (supports the separation of privileged profiles User and Administrator, the ability of local and remote passwords reset, supports of enterprise data storages and centralized security policy management);
  • Armorino Personal Edition − a limited version, supports only one privileged profile (Administrator), missing of all above mentioned Enterprise features;
  • Armorino Enterprise Console − management "console" for centralized configuration and maintenance of all Armorino Enterprise Edition devices within customer organization.

Armorino devices functional capabilities:

  • Four types of logical partitions: CD-ROM, Public, Private, Hidden;
  • "Transparent" hardware-based encryption of data stored to Private and Hidden partitions of the device (the algorithm is AES-256);
  • An additional level of software data encryption for the Hidden partition (the algorithm is GOST 28147-89);
  • All software required to operate the device is placed on the CD-ROM partition, which has an ability of the safe upgrade;
  • Write protection management of the Private and Public partitions;
  • A flexible passwords management: change of actual and reset of forgotten passwords without loss of the protected data;
  • Separation of device user privileges at four levels: Guest, Limited and Powered Users, Administrator;
  • Limiting the number of failed authentication attempts;
  • Ability to distribute an available space between the Private and Public partitions;
  • "Encrypted BlackHole" feature − receiving (saving) of sensitive data from untrusted workstations without the threat to disclosure of other confidential data (saved previously);
  • Support for both local (by the Enterprise Console or Administrator) and remote (by the Enterprise Console) "reset" of forgotten password without any data loss (only in Enterprise Edition);
  • Ability to backup critical keys to other Armorino devices;
  • Integration with Windows Logon for two-factor authentication (possession of Armorino device + knowledge of the password to access it);
  • Support of access control to encrypted storages on local workstations;
  • Support of additional virtual removable media directly from the device;
  • Support of data backup in encrypted form to public or private "cloud" storages;
  • Support of PKI through well-known interfaces Cryptoki (PKCS#11) and Microsoft CNG Provider;
  • Support of dynamic authentication systems based on One-Time and Time-Limited Passwords (Amazon, Google, etc.);
  • Support of national digital signature standard of Ukraine;
  • Integration of the portable software platform;
  • Safe and convenient storage of access passwords for various systems;
  • Integrated VPN-client, which supports the secure storage of multiple connection profiles;
  • Secure communications over the Internet;
  • Each device has a unique short Registration number (8 digits).

Armorino Enterprise Console functional capabilities:

  • Single database of accounting information about all devices of an organization;
  • Setting of unified security policies for all devices of an organization;
  • Locally access recovery to the device when the password is loss;
  • Remote reset of a forgotten password without any data loss (based on One-Time-Password);
  • Enterprise Secure Storage (ESS) − corporate storage of encrypted backups;
  • Centralized management of access to Enterprise Secure Storage;
  • Safe setup of access keys to Enterprise Secure Storage;
  • Support of active key carriers for handling the enterprise master keys!