”Why not virtual”¶
StoredSafe Secure Platform is delivered as a physical appliance.
Besides some technical limitations (read further), there are some non functional reasons to why not run our appliance as a virtual appliance. e.g. We expect you to store business crtical information in your appliance, some of this infomation may include critical disaster recovery information that you might need to access to be able to recover from a major disaster.
You might also have stored business critical information used by vital business processes that needs to be accessible at all times independently of any IT-incidents.
Typically critical information stored in you StoredSafe appliance:
Keys and passwords to your encrypted backups
BCDR Bussiness Continuity/Disaster Recovery) Plans
Patents
Critical agreements
Etc.
BCDR is a good example of this, if you cannot access your BCDR plans during a disaster, all your planning and testing efforts might end up as money down the drain, and if you can’t decrypt your backup information you’ll end up with unusable backups.
An important objective of StoredSafe is that our appliance should be completely independent of other services and "self sufficient" in terms of user / account management- and two-factor authentication
Technical Limitations to virtualization:
Our system includes in addition to the server hardware, a USB connected HSM (Hardware Security Module) and micro switches for "Tamper Protection", opening the lid of the appliance while powered on will erase all active session keys for logged on users.
Our high security standards to ensure confidentiality of your business critical information requires an extremely good RNG (Random Number Generator) to be able to generate encryption keys for each user (4096 bit RSA keys) without delay. These operations require very much entropy. We use Ivy Bridge processors that have very strong hardware RNG (Random Number Generator) for fast generation of entropy.