CERTIFICATIONS & COMPLIANCE

Updated on: June, 2014

Imation’s mobile security products are used by the world's most security conscious and demanding organizations. To make sure these products exceed the security and reliability expectations of customers, Imation places significant importance on achieving the highest level of certifications, validation, and industry compliance. Imation’s mobile security products were the first to achieve FIPS 140-2 Level 3 certification for an encrypted USB storage device. Imation continues to update and maintain certifications. This page includes updates and links for Imation certifications and industry compliance.

SECURITY CERTIFICATIONS

NIST FIPS 140-2 Level 3

The Federal Information Processing Standards (FIPS) are U.S. government standards for information technology and computer security. The FIPS program is run by the National Institute of Standards (NIST). NIST FIPS 140 is the cryptography standard program required by the US federal government for protection of sensitive data. All products using cryptography in use by civilian and military US federal agencies must comply with FIPS 140. The current FIPS version is 140-2.

Obtaining FIPS 140 validation requires a rigorous testing process by an accredited testing laboratory. The results are then reviewed by the National Institute of Standards and Technology (NIST) which issues a FIPS 140 validation certificate. IronKey Basic, Personal and Enterprise devices were the first to achieve FIPS 140-2 Level 3 certification for an encrypted USB storage device. Imation certifies not only the Cryptochip used to secure data and protect encryption keys but all electronic components within these devices. This provides customers the assurance that data stored on these devices will remain secure.

The following lists Imation FIPS certification status and links to certification and security documentation.

IronKey Device
Device Firmware FIPS Level Status FIPS Certificate # Security Policy
2.0 140-2 L3 Validated 1149 #1149 Security Policy
2.0.1 140-2 L3 Validated 1149 #1149 Security Policy
2.0.2 140-2 L3 Validated 1149 #1149 Security Policy
2.0.3 140-2 L3 Validated 1149 #1149 Security Policy
2.0.5 140-2 L3 Validated 1149 #1149 Security Policy
2.0.6 140-2 L3 Validated 1149 #1149 Security Policy
2.0.8 140-2 L3 Validated 1149 #1149 Security Policy
2.0.9 140-2 L3 Validated 1149 #1149 Security Policy
2.0.10 140-2 L3 Validated 1442 #1442 Security Policy
2.0.11 140-2 L3 Validated 1442 #1442 Security Policy
2.0.12 140-2 L3 Validated 1442 #1442 Security Policy
2.0.13 140-2 L3 Validated 1442 #1442 Security Policy
IronKey Device (USB 3.0)
Device Firmware FIPS Level Status FIPS Certificate # Security Policy
3.03 140-2 L3 Validated 2183 #2183 Security Policy
IronKey Device (rev 1)
Device Firmware FIPS Level Status FIPS Certificate # Security Policy
2.0.10 140-2 L3 Validated 1479 #1479 Security Policy
2.0.11 140-2 L3 Validated 1479 #1479 Security Policy
2.0.12 140-2 L3 Validated 1479 #1479 Security Policy
2.0.13 140-2 L3 Validated 1479 #1479 Security Policy
2.1.0 140-2 L3 Validated 1479 #1479 Security Policy
2.1.1 140-2 L3 Validated 1479 #1479 Security Policy
2.1.2 140-2 L3 Validated 1479 #1479 Security Policy
Device Firmware FIPS Level Status FIPS Certificate # Security Policy
4.0.0 140-2 L3 Validated 1734 #1734 Security Policy
4.0.1 140-2 L3 Validated 1816 #1816 Security Policy

Algorithms

The following algorithms are used in Imation devices and are certified according to FIPS 140.

  • FIPS 197 AES: Certificate #1034, #1412, #1874, #2559
  • FIPS 186-2 RNG: Certificate #587, #774
  • FIPS 186-2 RSA: Certificate #494, #688, #954, #995, #1311
  • FIPS 186-2 SHA: Certificates #986, #987, #1282, #2158
  • FIPS HMAC: Certificate #615, #1118, #1119, #1557, #1579

NLNCSA – IronKey Basic x250: RESTRICTED

The Netherlands National Communications Security Agency supports the national government of the Netherlands in the protection of classified information.

INDUSTRY CERTIFICATIONS

USB 2.0

IronKey devices are registered with the USB Implementers Forum (USB-IF). Identifying information for IronKey devices can be found below. Using this information, many device control solutions can restrict the use of USB storage to only IronKey devices.

Vendor ID (VID) for S100, S200, and D200 IronKey devices: 1953

Product ID (PID) by IronKey x200 device family:

  • IronKey Basic: 201
  • IronKey Personal: 202
  • IronKey Enterprise: 203
  • IronKey Developer: 204
  • OEM: 205

Vendor ID (VID) for S250 and D250 Imation IronKey devices: 718

Product ID (PID) by Imation IronKey x250 device family:

  • IronKey Basic: 7B1
  • IronKey Personal: 7B2
  • IronKey Enterprise: 7B3

Product ID (PID) by Imation IronKey Workspace device family:

  • IronKey Workspace W300: 0x0685
  • IronKey Workspace W500: 0x0687
  • IronKey Workspace W700: 0x0688

USB 3.0

Product ID (PID) by Imation IronKey Workspace device family:

  • IronKey Workspace W300: 0x0685
  • IronKey Workspace W500: 0x0687
  • IronKey Workspace W700: 0x0688

DURABILITY COMPLIANCE

MIL-STD-810F (Waterproof & Dustproof)

MIL-STD-810, also referred to as US Department of Defense Test Method Standard for Environmental Engineering Considerations and Laboratory Tests, establishes testing standards to evaluate the durability of products, especially in extreme circumstances. IronKey devices are waterproof and dustproof according to MILD-STD-810F standards.

Radio Emissions Compliance

  • FCC (US)
  • CE (EU)
  • C-Tick (Australia)
  • VCCI (Japan)
IronKey Device
Device FIPS Level FIPS Certificate #
F200 Contains the FIPS 140-2 Level 3 Validated Bluefly Security Processor* #1269
F150 Contains the FIPS 140-2 Level 3 Validated Bluefly Security Processor* #1269
F100 Contains the FIPS 140-2 Level 3 Validated Bluefly Security Processor* #1269
H200 Biometric Contains the FIPS 140-2 Level 3 Validated Bluefly Security Processor* #1269
H100 Contains the FIPS 140-2 Level 3 Validated Bluefly Security Processor* #1269

* Bluefly Processor (Certificate 1269) Firmware Versions:

BLUEFLY PROCESSOR (CERTIFICATE 1269) FIRMWARE VERSIONS:

(Hardware Versions: 3.0, Part #950 000 003 R [1] and 4.0, Part #950 000 004 R [2]; Firmware Versions: 2.0 [1], 2.1 [1,2], 2.2 [1,2], 2.3 [1,2], 2.4 [1,2] or 1.15 [1,2]

Security Policy link: http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1269.pdf

The following is a list of certified algorithms:

  • AES (Certs. #1119, #1292, #1333, #1334, #1452, #1574 and #1661);
  • Triple-DES (Certs. #908, #932, #983, #1031 and #1081);
  • DSA (Certs. #417, #438, #462, #485 and #519);
  • SHS (Certs. #1186, #1220, #1315, #1394 and #1456);
  • RSA (Certs. #618, #646, #710, #767 and #818);
  • HMAC (Certs. #752, #782, #852, #921 and #976);
  • KAS (Certs. #6, #7, #9, #11 and #12);
  • RNG (Certs. #720, #735, #795, #848 and #884)