File-based attacks are one of the top attacks’ vectors.
Although most medium and large-sized enterprises invest millions in cybersecurity tools, many remain vulnerable to ransomware threats, malicious software, and zero-day attacks. Often organization’s cybersecurity infrastructure is actively under attack from unknown malware hidden in files bypassing existing cybersecurity systems. one of the popular vectors for hackers is the use of portable media to access the company’s network.
Portable Media Security: A Clear and Present Danger
Removable media like USB drives, thumb drives, CD/DVDs, and external hard drives are a widely-used and convenient data transfer vector susceptible to malware attacks (for example bad USB). They are also one of the most dangerous sources of infections in the industrial control system.
Users frequently and innocently connect removable media to network-connected endpoints without any anti-malware solution applied before it enters critical infrastructure. These sources are often loaded with unknown software and encrypted data obtained from third parties at tradeshows, sales meetings, events, or even from personal computing environments and trusted internal sources.
To maintain productivity and prevent the breakdown of your industrial control system’s cyber security, it’s critical to let files and data flow into your organization. Yet security professionals concur that any files – especially those from external sources – can be infected with malicious code.
Legacy solutions slow or block workflow, leading users to seek workarounds and negatively impacting productivity. Moreover, traditional solutions are effective only against known threats – not new or previously uncatalogued malware.
The solution: The odix Kiosk – Files Sanitizing Station
The odix Kiosk is a Linux-based hardened workstation dedicated to safely introducing files from removable media. The odix cybersecurity Kiosk has no hard disk and both the operating system and software are SATADOM-based – completely neutralizing the possibility of malicious manipulation.
Conveniently placed at central locations throughout the office space, users go to odix Kiosks to plug in any removable media sources – instead of attaching them to their own devices. In just seconds, incoming files are sanitized and forwarded to users via email. odix Kiosk is a perfect solution for secured data exchange from USB flash memory devices to a network (or other devices).
How Does the odix Kiosk Work?
The odix Kiosk is powered by odix Security’s field-proven Content Disarm and Reconstruction (CDR) engine. This patented technology scans disarms and rebuilds files into clean versions that can be safely introduced to any network. odix Kiosk removes both known and unknown malicious code from a wide range of file types using odix CDR technology
odix Kiosk – Your Network Gatekeeper
The cybersecurity Kiosk is a physical network station that sanitizes files on removable memory media including USB drives, thumb drives, CD, DVD, or any other physical memory media. The solution is a dedicated proprietary odix stand. This stand-alone solution is air-gapped against cyber-attacks.
The physical sanitizing system comes without a hard disk (HD), and the odix operating system and software are from SATADOM. This feature completely neutralizes the ability to attack the position through the operating system or through odix` software.
In addition, a Linux-based derivative of the UBUNTU operating system is used to create a less vulnerable environment with fewer weaknesses and better reinforcement capabilities. Additionally, the operating system is well encrypted. This solution has the highest resistance to attacks of any kind.
The sensitization process (Deep File Inspection) is done on the malware scanning kiosk itself, isolating potential threats from the network. Only clean and safe files (the odixed files) are sent to the network via the management server.
odix Management Server
The management server enables setting, configuration, monitoring, and reporting and provides holistic management of all odix components. The management server includes the following functionalities:
Updates – Sends updates to the sanitizing core and to the five antivirus engines used in the Kiosk and distributes updates to the sanitizing server
User Profiles – Establishes user profiles for the sanitizing server and the physical sanitizing stand including Rules regarding which files are allowed to be sanitized and which files are prohibited and permitted sanitizing volumes for a single file and a collection of files
Log Data – The management server is used to store log data transferred from the server and from all physical positions to it
Connectivity – The management server is connected to several organizational servers including:
Organizational Active Directory (AD) server to identify the users of the sanitizing stands
An organizational file server to which all sanitized files are transferred
odix Kiosk for highly secured networks
When it comes to OT networks, isolation becomes mandatory. odix Kiosk includes an isolated deployment scenario without connectivity to the organization network. This type of deployment is designed for air-gapped networks; operational, ICS, SCADA etc.
Such configuration provides a safe and secure solution for inserting files into such networks
odix Kiosk Advantages
Preventive sanitizing system – Eliminates ALL malware threats.
Support of more than 11,000 file types
The sanitization process is done on the kiosk itself, not inside the network.
No re-writable components on the Kiosk! The operating system is booted from a Live Image configuration
Reinforced Linux operating system and operating environment
A smart management server that allows easy setting of policies and licensing
The management server is separated from the kiosk itself for better security.
Architecture that enables easy expansion and integration of dedicated filters
Convenient and user-friendly interface
Easy deployment – Easy configuration
Find out more