According to Verizon's "2019 Data Breach Investigations Report," 36% of data breaches are committed by insiders. Insiders are responsible for 54% of incidents in the healthcare industry and 34% in the public sector. The most recent prominent example is Twitter. Unknown persons have hacked numerous Twitter accounts of celebrities. Via the Twitter profiles of former U.S. president Barack Obama, presidential candidate Joe Biden and Amazon boss Jeff Bezos and many others, the hackers spread advertising for dubious crypto-currency deals. Accounts of companies like Apple and Uber were also affected. The magazine "Vice" reported shortly after the incident that a Twitter insider was responsible for the hack. With the SECURE BOARD 1.0, CHERRY has a solution in its portfolio that effectively tackles problems such as the one suspected here from the hardware side.
No more "BadUSB" attacks
Security and data protection are generally perceived by the public as predominantly software-driven issues. Virus scanners and firewalls are the most common countermeasures that come to mind when the topic of countering cyber-attacks arises. However, central and fundamental components of modern security concepts are the authentication of users and the authorization of access. The go-to first step of data security is usually through the use of passwords - which are unfortunately all too easily forgotten, changed too rarely or accidentally disclosed to third parties due to negligence - with all the negative consequences.
For this reason, CHERRY has the SECURE BOARD 1.0 in its portfolio. This security keyboard ensures maximum protection from "BadUSB" attacks via use of a secure mode. This means that the authenticity of the device is verified on a certificate-based basis, and the key transmission is encrypted. This makes it impossible for hardware keyloggers to access sensitive access data and passwords. By blocking the standard keyboard channel, "BadUSB" attacks are a thing of the past: USB sticks that log onto the system as a keyboard cannot inject uncontrolled entries and malicious codes. Well-known thin client manufacturers already support the use of Secure Mode and have integrated the necessary software for this. A corresponding solution for Windows is in preparation and will be available by mid-2020.
The smart all-rounder for security
Higher security is achieved through two-factor authentication using a smart card. As a rule, the terminal with which the card is read out is required when processing smart card data. Here, CHERRY follows the "hit two birds with one stone" approach, and with the SECURE BOARD 1.0 offers a space-saving alternative: Because here, the card reader is integrated into the keyboard. Also, the new addition to the CHERRY portfolio has a contactless card reader located on the back of the keyboard. This can also read RFID and NFC cards or tags.
With this equipment, a whole range of application areas for the new SECURE BOARD 1.0 are possible: For example, ID systems can be used for closed user groups via the keyboard, and company IDs can be easily read in. Communication using NFC tags and a smartphone is also possible with the SECURE BOARD 1.0. Depending on which apps a user has installed on their mobile phone, NFC payment is possible. The SECURE BOARD 1.0 can also read customer or bonus cards, such as those used in fitness centers or loyalty cards.
Safe, convenient and comfortable
In addition to the ease of use, CHERRY, in its usual manner, has placed great emphasis on safety. The integrated card reader meets the highest security standards and fulfills the requirements in the United States, according to FIPS-201. FIPS 201 (Federal Information Processing Standard Publication 201), Personal Identity Verification (PIV) of Federal Employees and Contractors, is a standard of the National Institute of Standards and Technology that specifies the technical requirements for access control for U.S. government employees and contractors.
The integrated terminal for PC/SC smart cards enables the reading and writing of ISO-7816 and ISO-14443-A/B-compliant cards. Numeric PINs are entered securely using the numeric keypad on the keyboard.
Thanks to the combination of a reliable office keyboard and a secure card reader, an additional external terminal is no longer necessary. One's desk and workspace can remain tidy and uncluttered. Also, both the card and the terminal are always in the operator's field of view. The keyboard is also a long-lasting companion: The SECURE BOARD 1.0 offers keycaps with abrasion-resistant laser lettering, which can withstand tough office use even over the years without any signs of wear. Those working with this product will also appreciate its ease-of-use: The chip card module can be operated with just one hand. The keyboard also impresses with its flat design and particularly ergonomic design. The standard drivers for Windows and Linux are already available.