In the vault: The Coastal Bank and IronKey

Share this article:
In the vault: The Coastal Bank and IronKey
In the vault: The Coastal Bank and IronKey

[sidebar 1]

Building trust

The Coastal Bank is one of the first institutions in the country to offer Trusted Bookmarks, a new feature of Trusted Access for Banking allowing members to safely access popular websites using a ‘bookmark list' managed by the bank. With Trusted Access, customers know they are accessing an authentic site and their transactions are not being monitored or tampered with by crimeware.

"We are educating our customers through a number of different channels," says Adam Montgomery, director of marketing at The Coastal Bank. These steps include:

  • Advertising and marketing the IronKey product in the markets it serves,
  • A series of "Lunch and Learn" events where the bank invites customer to attend a quick 30-minute seminar during their lunch hour, learn about the product, and sign up for Trusted Access,
  • Direct contact from the bank's cash management and commercial banking team to existing customers, informing them about the current threats against their financial security and how IronKey Trusted Access prevents this type of activity,
  • Information and signage in branches, and on the bank's website,
  • Ongoing discussions with key business leaders in the community,
  • Providing all employees with IronKey and encouraging customers to ask them about the product.

[sidebar 2]

Safeguarding the online banking experience

There are five key technologies underpinning the secure online banking experience: tamper-proof USB device, virtualization, keylogging protection, secured Trusted Network and cloud-based banking policy management.

Read-only operation: In both downloadable software and portable USB device form factors, Trusted Access is stored and operates as a read-only application with tamper-proof settings. In software, this is enforced using an encrypted file system. With a portable device, this is enforced by the device firmware and cryptochip and is designed to FIPS 140-2 Level 3 specifications.

Virtualization: Isolates online banking sessions within a fully virtualized environment. This eliminates dependencies on desktop browser software and plug-ins that are commonly attacked by criminal malware to steal credentials and hijack banking sessions. This is achieved by proprietary software on the IronKey Trusted Access device working in conjunction with the IronKey Trusted Network and Enterprise Management Service.

Keylogging protection: By encrypting keyboard input from the operating system to the virtualized environment, it stops one of the most common attack methods used by criminal malware to steal online banking credentials; this is a feature of Trusted Access on the IronKey.

Secured Trusted Network: All network access uses a separate, encrypted tunnel that connects with IronKey secured data center operations. This stops DNS poisoning and host tampering attacks, targeted URL malware activation, and man-in-the-middle attacks. This capability is shared between the IronKey end-user or admin device and the IronKey Enterprise Management Service.

Cloud-based safe banking policy management: Institutions establish their own safe banking policies including establishing website start page and URL whitelists to eliminate users visiting non-banking sites (or only those Bookmarked sites approved by the bank); banks use the cloud-based IronKey Enterprise Management Service to set policies and manage devices.

Source: IronKey

Page 4 of 4
Share this article:

Sign up to our newsletters

More in Features

Know your friends: Partnering with the right allies

Know your friends: Partnering with the right allies

Choosing the right allies to ensure security requirements is a challenge for businesses both large and small, reports James Hale.

Bad reputation: Annual guarding against a data breach survey

Bad reputation: Annual guarding against a data breach ...

Will recent high-profile cyber attacks spur stronger security and improved risk management? The consensus from our data breach survey indicates: Yes, reports Teri Robinson.

Network Rx: Health care security

Network Rx: Health care security

With the addition of 15,000 mobile devices accessing its network, a medical center found assurance - and met compliance mandates, reports Greg Masters.