Here recently, Cigent Technology came out of the shadows and announced its breakthrough Cigent Data Defense plan. This plan is two-part, involving the company’s Dynamic Data Defense Engine (D3E) and its self-defending Cigent K2 Secure SSD. Both combined add to the best security, though the two components can be used separately as well.
Here recently, Cigent Technology came out of the shadows and announced its breakthrough Cigent Data Defense plan. This plan is two-part, involving the company’s Dynamic Data Defense Engine (D3E) and its self-defending Cigent K2 Secure SSD. Both combined add to the best security, though the two components can be used separately as well.
Cigent Data Defense And Ransomware Attacks
Ransomware attacks seem to be picking up steam, they are at least getting more coverage as they are affecting more people. From the Colonial Pipeline eating a $5 million ransom and causing some to put gas in plastic bags to QNAP Qlocker causing over $300K in payments to get data back. While cybersecurity has worked for some over the last few decades it may need to be juiced up a bit.
According to Cignet, cybersecurity has failed and has been failing for over 30 years. While this is a bold statement, it does seem like ransomware attacks are happening more and more. The company has taken a Zero-Trust approach through software and hardware to defend data regardless of where it resides.
The first step Cigent makes is with its software, D3E. Taking the zero-trust and continuous authentication as close to the data as possible, D3E is said to protect critical data even if the system has been compromised. The software is specifically for Windows 10 devices. Any time protected files are accessed a step-up authentication is required to prove that this person has access. Before and after this process, the sensitive files remain locked unless being accessed. Frequently accessed files are subject to dynamic locking. If a threat is detected, all files are immediately locked, again if the file needs to be accessed at this time, authentication is required.
In order to detect a threat, Cigent D3E uses native as well as third-party sensors to detect a compromise. These third-party integrations include Sophos, VMware Carbon Black, Windows 10 Security, PC Matic, CyberArk, and others. These sensors cover quite the gamut of compromise including malware, fileless attacks, privilege escalation, endpoint security agent disabled, untrusted network detection, network, and file deception engines, and ransomware detection based on file access patterns.
The Cigent D3E comes in two flavors a free personal version and a paid business version. The personal version gives users an easy way to protect their files. This version gives users a dashboard allowing them to designate protected files by file type, folder type, create data deception files, and configure authentication methods. Right away users can protect popular file types such as Microsoft Office files and Adobe files. The free version also protects files synced in local files from Dropbox, OneDrive, and Google Drive folders.
The Cigent D3E business does all of the above along with several other features. These added features can be fairly important with things like USB Insertion, someone trying to copy files on an untrusted USB device. Cigent D3E creates deception files and networks and the premium version lets users know if they’ve been accessed. The Business version supports secure drive types and we’ll get into that in the next section. The Cigent D3E Business supports more Zero Trust MFAs, EDR Integrations, active lock by file type, and shared key file sharing.
Cigent K2 Secure SSDs
As the name implies or explicitly states, the Cignet Secure SSD is a solid-state drive with added security features. The drive also comes with the Cigent D3E software on a free lifetime license. The SSD’s defenses are built into its firmware and are said to repel ransomware attacks and prevent data theft even in the case when all other cybersecurity protection fails. The SSD does this in several ways.
Of the methods used, the Secure Drive sets up hardware-encrypted Safe Rooms that make the files stored inaccessible to an unauthorized party. The claim is that the files remain invisible until mounted by the user through step-up authentication. After the file is mounted it is protected by the above software and if it detects a threat, the drive auto-locks, and the files once again “disappear” until the threat is cleared. If the files are not in the Safe Room, Cigent D3E can employ a Zero-Trust multifactor authentication preventing access from ransomware (available only in the Denali model).
Another technique deployed by those that are up to no good is to disable the security software, boot up from an alternative OS, and remove the drive. The Secure Drive combats this with Keep Alive heartbeat. It ensures that the designated cybersecurity software is running. If not, the drive encrypts on the flay and stays fully inaccessible to attackers.
The drive leverages more common cybersecurity such as FIPS 140-2 Level 2 certification and supports disk encryption like Bitlocker.
Full those that engage in the Business or premium version of Cigent D3E, can also use Dual Mode, Secure Access Logs, and TrueErase. Dual Mode sets up an additional hidden drive that can be used for things like work versus personal, ultra-sensitive files can remain hidden at all times, and to Oss can be set up. Secure Access Logs are logs and audit trails that cannot be wiped giving a path back to those that get in. And TrueErase is a firmware verification that tells the state of each drive after a wipe attempt, making sure there is no data on it that users don’t want to get out.
The Secure SSD comes in three flavors: Aspen, K2, and Denali. Each one is more secure and has more features than the last. The Secure SSD is built on Phison controller technology. We will be using the Cigent K2 Secure SSD for our review.
Cigent Secure SSD Specifications
Capacity | 512GB, 1TB, 2TB |
Interface | PCIe Gen3x4 NVMe 1.3 |
Form factor | M2 2280-D3 |
Operating temperature | 0° to 70° C Non-operating temperature: -40° to -85° C TCG Opal 2.0 |
Remotely upgradeable firmware | |
Optional external media USB adapter | |
Warranty | 12-months hardware warranty |
Management Console Server | Multitenant, cloud management console or on-prem console |
Endpoint Agent | MSI-based agent deployment
Managed or unmanaged Work connected or offline Less than 1% CPU utilization on average |
Operating System Support | Windows 10
VDI and remote desktop |
Compliance | HIPAA/HiTech, GLBA, NIST 800-88, DoD 5200.22M |
Design and Build
The Drive itself is a bit larger than the normal portable SSDs on the market. The M.2 is covered in a metal case that is quite dense. If someone is trying to break into your office to steal your data you can always hit them with this. It has a USB-C port on one side, Cigent branding on top, and the typical drive info on the bottom: model number, certifications, and compliances.
Cigent K2 Secure SSD Management
We set up the Cigent Dynamic Data Defense Engine on an HP Pavillion x360. First up, we sign into the Cigent portal through a web browser.
Once there you can drop down to Licenses and download D3E.
The installation will begin and a wizard will walk users through it. Afterward, your system will reboot.
Once rebooted the D3E dashboard pops up automatically and has pertinent information at the top. In our case, it wanted to know if the network was secure and it wanted us to create a PIN. You have to enter the PIN twice, then enter it again to agree to the network is secure.
If you have the Secure SSD now is a good time to plug it in and set it up.
Plugging in the drive will prompt for your PIN again. After that, it will require that you add a password to the drive. And then once more enter your PIN.
Once it is in, users can see it on the dashboard screen along with the network, the secure drive, and a deception file.
You can further click on the Secure Drives or Removable Storage and see the Secure SSD. Setup was a breeze and it more or less did it automatically.
Under File Type Protection the dashboard gives you three options Microsoft Office, Adobe, or Custom. You can drill down a bit more and set specific protection (none, dynamic, or always on) on different sub-file types in each category. Click on the type of protection, click save, and then once again enter your PIN.
Users can set up specific folder protection under the said named tab. Here you have a choice of adding dynamic protection for a folder or always-on protection. Click on the protection you want, select the folder, enter your PIN, and then the folder will appear under its selected protection.
Under the Deception tab, users can set up a deception file or network. Click add deception file, choose the folder, add the name (something catchy), click add, enter your PIN, and it is good to go.
As entering the PIN in over and over again can be annoying, Cigent does offer other multi-factor authentication (MFA) under the Authentication tab. Here one can set up a PIN as we did, an Authenticator App, a Fingerprint scan, Facial recognition, or Duo Security.
Cigent SSD Performance
It first needs to be kept in mind that the Secure SSD is designed for security not necessarily for high performance. On the flip side, it is good to know what to expect when you leverage a drive. For the performance of the Secure SSD we ran CrystalDiskMark and Blackmagic using the HP Pavilion x360.
In Blackmagic, we saw a read of 417.5MB/s and a write of 425.6MB/s. Much lower than what we normally expect to see with a PCIe drive.
In CrystalDiskMark the Cigent K2 Secure SSD saw a sharp drop in performance. It gave us 191.4MB/s read and 20.5MB/s write for sequential speeds (8 queues, 1 thread) while posting 172.4MB/s read and 44.1MB/s write (32 queues, 1 thread). Looking at 4K performance (32 queues, 16 threads), the K2 posted 27.8MB/s read and 35.7MB/s write. At 1Q/1T this measured 23.9MB/s read and 27.1MB/s write.
Conclusion
The Cigent Dynamic Data Defense Engine (D3E) is multi-layered cybersecurity approached that has been used, up until now, for government agencies looking for maximum security for their data. The D3E takes a Zero-Trust approach with continuous authentication close to the data. Anytime a threat is detected, the software locks critical files and requires a step-up approach to gaining access. It also works well with third-party software to tighten security even more. The company steps up security even more with the Cigent K2 Secure SSD. The SSD has security measures built into its firmware to repel ransomware attacks. The drive can auto-lock and kills the usual methods nefarious actors use to gain access to secure data.
Setting the software up only took a little bit. The dashboard isn’t exactly intuitive, but that is alright as the company can provide users with guides to get them started in protecting their data. There are lots of options for protection with several of the most common files (Microsoft Office and Adobe) being built right in. After a bit of monkeying with it, most users should have secure files set up and protected fairly quickly. The Secure SSD auto-configured which is nice when dealing with unfamiliar software. One of the more frustrating parts was constantly having to enter the PIN. During our benchmarking for example we ended up entering the pin back to back with less than a minute between entries. The main concern with this, as well as super-complex password policies, is that when you make something so difficult versus intuitive, the user will ultimately bypass or not use it the way it’s intended. Complex password requirements turn into handwritten notes taped to computer monitors, and the first time you have a file fail to save because you missed a PIN prompt, you probably end up storing your files in a less secure spot before moving them onto the drive.
A lot of the above issues with entering the PIN over and over can be avoided through a different MFA. The HP Pavilion x360 doesn’t support Fingerprint or Facial recognition, which is the fastest way to skip over the whole authentication process. HP does make several notebooks that do support this technology as do several other vendors.
We also wanted to look at the performance of the drive just to give users an idea of what to expect when transferring or retrieving files. Here we ran Blackmagic and CDM. With Blackmagic, we saw 418MB/s read and 426MB/s write. The CDM had much lower results and it is unclear what caused this but we saw sequential scores of 191.4MB/s read and 20.5MB/s write in 8 Queue, 1 thread and 172.4MB/s read and 44.1MB/s write in 32 Queue, 1 thread. 4K random performance gave us 27.8MB/s read and 35.7MB/s write in 32 queues, 16 thread, and 23.9MB/s read and 27.1MB/s write in 1 Queue, 1 Thread.
For those that need absolute security for files, Cigent has a lot to offer in this software/hardware combination. For day-to-day users, the security steps greatly slow down the ability to actually use the drive as a storage product for storing files. Hands down it is probably the most secure solution we’ve looked at on paper, but on the flip side, it was also the most difficult to use, though this would be remedied on a different platform with a faster MFA. Its slow speed may present other issues for those using very large files.
Engage with StorageReview
Newsletter | YouTube | LinkedIn | Instagram | Twitter | Facebook | TikTok | RSS Feed