Rohos Face Logon multi-user support

Rohos Face Logon – secure authentication with face recognition. The process of authentication is made in one step and is based on uniqueness of human face.It allows accessing Windows computer in a easy, fast and secure way by using any Windows compatible camera.
Program is easy to setup, has simple interface, self-training feature and possibility to hide authentication window. Often there are situations when one computer is used by several users e.g. office computer for co-workers, home computer or notebook for family members. Rohos Face Logon can register several users for different users account. Download and setup program.
In the main window press Register face, enter the Windows password, the program starts to register first user. During registration it is desirable to move you head forward and backwards that will create a better reference template for identification.

Read more

Rohos Logon Key for Mac OS Sierra

macossierra-rohos-logon-key

Today we would like to announce Rohos Logon Key 3.3 for Mac OS X 10.12 Sierra.  By default after updating Mac OS X to Sierra it will disable Rohos Logon Key and you need to reinstall it and restart your Mac. After a month of support ticketing with Apple Inc. devs we has been figured out the update issue.

Read more

Data leaks prevention system StaffCounter DLP is available now

We are glad to present you a new product designed to prevent the leakage of information: StaffCounter DLP. This cloud-based solution allows you to protect your business from insiders and possible leakage of commercial information to competitors.

StaffCounter DLP includes: Read more

Rohos Logon Key 3.3

We are happy to announce Rohos Logon Key v.3.3 with many improvements and one nice feature.

In Version 3.3:

Read more

The new and updated Rohos Face Logon is ready to use

Dear Rohos Face Logon users, we are pleased to introduce an updated version of the program you love.

In the new version you’ll find:

  • Updated interface;
  • Improved Windows 10 support;
  • Ability to chose the priority web camera for Windows tablets;
  • Support for Windows Surface and Windows Surface PRO.

Read more

Rohos Disk and Rohos Mini 2.3

July 1, 2016 saw the release of new versions of Rohos Disk Encryption and its free counterpart Rohos Mini. These applications received a facelift and improved internal design.

Read more

Rohos Logon Key v.3.1

Rohos Logon Key v 3.1 allows you to implement a two-factor authentication policy, based on a user list or user groups in Active Directory. This allows you to verify two-factor authentication and apply it step by step. New features:

  • Improved option Allow login only using a USB key
  • Added function Check Key Serial Number. It restricts the keys allowed for login.
  • Configurable messages for users have been added: in the login window, in the Rohos Logon Key main program window, and in the key settings window.
  • Added Users and Keys dialog box for viewing and managing the list of created keys and users.
  • Changed licensing policy: a Server License for Windows terminal service has been added. Now the license covers the computer. The RFID token license has been withdrawn.
  • The Rohos Management Tools program suite is now provided free of charge.

  Read more

Backup copies made faster in Rohos Disk Encryption 2.2

Rohos Disk ensures that your data is protected from third parties by locking the disk in your absence. The size of the disk can be increased as needed. You can create several disks on a PC, USB flash drive, or a DVD at the same time.

We’ve introduced a new version of Rohos Disk — Rohos Disk Encryption 2.2. A distinctive new feature that it brings is the remarkable Backup Disk functionality. Now making a backup copy of the contents of an encrypted disk is much faster and easier.
Read more

Setting up shared access to an encrypted disk

Rohos Disk Encryption allows you to set up shared access to an encrypted disk for various purposes:

  1.  Common access to all users of a single computer.
    This is the default behavior of Rohos Disk letter access mode. All users on a computer or terminal server is able to access and work with encrypted drive letter. Users do not need to know the disk password, and they do not need to run the Rohos Disk program. Nobody knows where  the disk file container and cannot delete it. The password for accessing the disk is entered by the Administrator or the owner of the Rohos disk.
  2. Access rules on a Windows Terminal Server.
    In this case only selected users knows the password for the disk. Each user enters the password for accessing the disk independently whenever necessary. Secured Disk is accessed by using plain password or a hardware based key.
  3. Shared access through a shared network folder.
    The Rohos disk drive letter will be open for common access on the local network from the computer which acts as the file server. Entering the password to enable the Rohos disk is done by the Administrator or owner of the Rohos disk once per day. He or she will also grant users privileges for network access and is also responsible for making backups and shutting down access to the disk.

Common access for all users of a single computer.

In the Rohos Disk options you must tick the “Enable shared disk drive (local and network)” – this option is ON by default.

In this case, when one user connects a Rohos disk, the drive letter of this disk will be immediately visible to all users when they open Explorer.

When the read-only option is set, users (including the owner) cannot change the contents of the Rohos disk.

You can set up different rights for reading and writing to the folder  within the disk itself. You give some users full control, while other users will have read-only access, and a third group will not be authorized to view the contents of the secret Rohos disk at all.

Advantages of this method:

  1. Only one user, the owner of the disk, has the password.
  2. Ability to limit access to certain users.
  3. The disk can be located in a place where only its owner has access to it, which limits the possibility that it can be copied or deleted by others.
  4. Users do not need to know the password for the secret disk, and the drive letter will be immediately visible in Explorer.
  5. This setup is also suitable for users on a Terminal server. Work folders with especially important and confidential files and programs can be converted to a Rohos disk using the “Encrypt folder” function. This will make the disk protection transparent to users of the remote desktop.

Features of this method:

When opening Rohos Disk for other users, the drive letter will be visible among the computer’s additional disks. If it is suddenly turned off, it will become inaccessible for all users. To avoid this, you can deny users the right to launch Rohos Disk on the server by protecting it with a password.

In addition, you must uncheck the option Show Rohos Icon near the clock so that users cannot manage the disk by clicking on the icon near the clock.

Access rules on a Windows Terminal Server.

To set up this form of common access:
1. You must turn off the option Enable shared Disk drive. In this case the secret disk letter will be accessible only to a session or user account where the password for this encrypted disk has been entered.

2. The file container should be placed in a common-access folder and different access rights should be granted for different users in order to prevent unauthorized copying or deletion of this file. Some users will be able to open the folder for reading and writing, while other users will have read-only access. Other users still will not be able to view it at all.

3. It is necessary to create a shortcut for accessing this disk and copy it onto the desktop of the selected users. To do this, in the main window go to Rohos Disk Encryption > Disk > Tools > Create disk shortcut. Then a file with the given shortcut will be visible on the desktop.

4. You can give the password for the Rohos disk to all users or hand out access keys such SafeNet ikey,  eToken or  any other PKCS#11-compatible.

Advantages of this method:

  1. Only a selected group of users will be able to access Encrypted Disk letter.
  2. The secret drive letter will be protected from other terminal sessions.
  3. By using hardware USB token you protect the disk password from being revealed on a thin client side.
  4. Open source and strong AES-256 bit encryption by using open and NIST approved data security standards.

Shared access through a shared network folder

The entire Rohos encrypted disk or some folders on it can be opened up for common access over the network. Select the disk in My Computer and enter its properties through the context menu.

Assigning access to this disk for different categories of network users can be done here with the Permissions command.

Connect the Rohos disk network folder to the workstations on the network:

Advantages of this way of assigning access:

  • The encrypted disk can be located on both on a computer or a connected USB storage device.
  • You set it up so that when a USB storage device is disconnected, the encrypted disk will be automatically disabled, the network folder will disappear, and it will no longer be possible to access it.
  • You can set up a hardware security module (HSM) for accessing the secret disk, e.g. USB tokens like ruToken, iKey, or eToken. You can entrust such a token for the disk to the employee responsible for activating the disk. When the token is disconnected from the PC, the disk will automatically turn off.
  • Activating a secret disk can only be done by means of a password or automatically by connecting a USB token.
  • Network users do not necessarily have to know the password for the disk to begin working with all, but all data will be reliably secured on the file server.

While one network user is working with one file or directory, another user can work with another file or directory. It will appear as a simple common-access resource. However, as soon as you leave the system, access to it will automatically end.

Addimat USB2 Waiter Lock

We would like to turn your attention to one more device designed for secure user authentication on Windows and compatible with Rohos Logon Key. This is the RFID tag from the Swiss company Addimat.

It was originally designed for identifying wait staff in pizzerias, restaurants, and cafés. It consists of an RFID reader with a round magnetic opening and a set of matching cylindrical keys. Each key has a rugged and waterproof body. Woven into the body of the key is an individual 48-byte serial number and a PIN code, which in some models can be reprogrammed.

addimat1

Read more