File based attacks are one of the top attacks’ vectors.
Although most of the medium and large enterprises invest millions in cyber security tools, the companies remain vulnerable to new attacks and malware created daily. One of the weakest point of failure at organization’s cyber security infrastructure is unknown malware hidden in files bypassing the existing cyber security systems; and one of the popular vector for hackers is the use of portable media to access the company’s network.
Removable Media: A Clear and Present Danger
Removable media like USB drives, thumb drives, CD/DVDs and external hard drives are a widely-used and convenient data transfer vector. They are also one the most dangerous sources of network malware infections.
Users frequently and innocently connect removable media to network-connected endpoints. These sources are often loaded with unknown software and files obtained from third parties at tradeshows, sales meetings, events, or even from personal computing environments and trusted internal sources.
To maintain productivity and allow business to flourish, it’s critical to let files and data flow into your organization. Yet security professionals concur that any files – especially those from external sources – can be infected with malicious code.
Legacy solutions slow or block workflow, leading users to seek workarounds and negatively impacting productivity. Moreover, traditional solutions are effective only against known threats – not new or previously uncatalogued malware.
The solution: The odix Kiosk – Files Sanitizing Station
The odix Kiosk is a Linux-based hardened workstation dedicated to safely introducing files from removable media. The odix cyber security Kiosk has no hard disk and both the operating system and software are SATADOM-based – completely neutralizing the possibility of malicious manipulation.
Conveniently placed at central locations throughout the office space, users go to odix Kiosks to plug in any removable media sources – instead of attaching them to their own devices. In just seconds, incoming files are sanitized and forwarded to users via email. odix Kiosk is a perfect solution for secured data exchange from USB flash memory devices to a network (or other devices).
How Does the odix Kiosk Work?
The odix Kiosk is powered by ODI Security’s field-proven Content Disarm and Reconstruction (CDR) engine. This patented technology scans, disarms and rebuilds files into clean versions that can be safely introduced to any network. odix Kiosks remove both known and unknown malicious code from a wide range of file types using odix CDR technology
odix Kiosk – Your Network Gatekeeper
The cyber security Kiosk is a physical network station that sanitizes files on removable memory media including USB drives, thumb drives, CD, DVD or any other physical memory media. The solution is a dedicated proprietary odix stand. This stand-alone solution is air gapped against cyber-attacks.
The physical sanitizing system comes without a hard disk (HD), and the odix operating system and software are from SATADOM. This feature completely neutralizes the ability to attack the position through the operating system or through odix` software.
In addition, a Linux-based derivative of the UBUNTU operating system is used to create a less vulnerable environment with fewer weaknesses and better reinforcement capabilities. Additionally, the operating system is well encrypted. This solution has the highest resistance to attacks of any kind.
The sensitization process (odixing) is done on the malware scanning kiosk itself, isolating potential threats from the network. Only clean and safe files (the odixed files) are sent to the network via the management server.
odix Management Server
The management server enables setting, configuration, monitoring and reporting and provides holistic management of all odix components. The management server includes the following functionalities:
Updates – Sends updates to the sanitizing core and to the five antivirus engines used in the Kiosk and distributes updates to the sanitizing server
User Profiles – Establishes user profiles for the sanitizing server and the physical sanitizing stand including: Rules regarding which files are allowed to be sanitized and which files are prohibited and permitted sanitizing volumes for a single file and a collection of files
Log Data – The management server is used to store log data transferred from the server and from all physical positions to it
Connectivity – The management server is connected to several organizational servers including:
Organizational Active Directory (AD) server to identify the users of the sanitizing stands
An organizational file server to which all sanitized files are transferred
odix Kiosk for highly secured networks
When it comes to OT networks, isolation becomes mandatory. odix Kiosk includes an isolated deployment scenario without connectivity to the organization network. This type of deployment is designed for air-gapped networks; operational, ICS, SCADA etc.
Such configuration provides safe and secured solution for inserting files into such networks.
odix Kiosk Advantages
Preventive sanitizing system – Eliminates ALL malware threats.
Support of more than 11,000 file types
Sanitization process is done on the kiosk itself not inside the network.
No re-writable components on the Kiosk! Operating system is booted from a LiveCD configuration
Reinforced Linux operating system and operating environment
Smart management server that allows easy setting of policies and licensing
Management server is separated from the kiosk itself for better security.
Architecture that enables easy expansion and integration of dedicated filters
Convenient and user-friendly interface
Easy deployment – Easy configuration