State of the art in the security critical environment: The workstation for highest performance
Fast processors, a lot of working memory and a large hard drive provide the necessary performance for fast switching between different working environments (sessions) as well as smooth multimedia use.
Multiple virtual sessions can be strictly separated and allow parallel working in different security domains (multi-level data separation) – up to and including SECRET.
The Crypto Client is fully integrated into the high-resolution, flexibly adjustable 27" 4K TFT display. This and the ergonomic design allow fatigue-free work with high resolution and clear image.
Users can use session-specific webcams, microphones and classic phones and effortlessly play HD videos.
What makes a secure VS workstation? The requirements profiles of the German Federal Office for Information Security (BSI) provide information on how to work securely with classified information or other sensitive data. This requires a holistic security concept with several coordinated components, which is already integrated as standard and BSI-compliant in the SINA Workstation. This means that authorities and companies do not have to put together the components for a secure workstation and VS-compliant operation themselves, nor do they have to have the configuration approved by the BSI. This maximizes not only security, but also convenience.
A VPN client is considered an indispensable subcomponent of a secure mobile workplace. SINA uses advanced encryption technology to create a secure environment for transmitting sensitive information and classified documents over potentially insecure networks such as the Internet. Using an IP-sec secured VPN tunnel, employees can use the SINA Workstation to access their public authority or administrative network while on the move. The data transmission is encrypted in a tap-proof manner.
All hard disk accesses and network connections are automatically encrypted by the workstation and thus cannot be read by unauthorized persons. This allows you to ensure data security without having to securely lock away the computer after each use.
Access to devices and interfaces is carried out under the control of the SINA security operating system. It has been proven that USB sticks, for example, are a popular gateway for malware. The workstation's interface control regulates the release. This means that users - depending on their chosen security policy - must first consciously and willingly release USB devices before they can even be used in a work environment such as Windows. In the case of a strict policy, SINA interface control prevents the connection of USB devices altogether.
Two-factor authentication is required to ensure that only authorized users can log on to the computer. The SINA Workstation can only be unlocked if a security token - in the form of a smartcard or USB token - and the corresponding PIN are inserted.
With the SINA Workstation, the operating system substructure is also protected. It is well known that firmware and hardware are increasingly becoming the focus of cyber attacks. The firmware belonging to the hardware plays an important role in the function and security of the overall system - for example, when booting the operating system. Undetected by Windows, malware always reinstalls itself when the firmware is infected by malicious code. This is effectively prevented with SINA technology: The respective operating system, for example Windows, is exclusively virtualized within the SINA security operating system. Thus, neither Windows nor malware gain direct access to the physical hardware. Program code is only executed in a virtualized environment of the SINA workstation. Manipulating the firmware when physically accessing the device is also effectively made more difficult: Since our special SINA Secure Boot only allows software to be started that is signed by secunet or the German Federal Office for Information Security (BSI), malicious code is not executed in the first place. This also prevents attacks via malware that is booted locally for a short time ("Evil Maid Attack").
Your devices, including all security components, can be remotely maintained and administered centrally via the SINA Management Center. If all employees have to be sent to the home office and need mobile hardware quickly, the administration tools are also designed for a mass rollout, regardless of location, large numbers of SINA workstations can be set up simultaneously.
SINA technology is unique: the operating system (such as Windows or Linux) is virtualized and embedded in the SINA security operating system. This means that the working environment is strictly separated from the firmware and hardware - so potential malware cannot spread through it. But the virtualization technology creates even more new possibilities in everyday work: several (different) operating systems with different security levels can be used in parallel on a SINA workstation. For example, classified information can be processed on one system while a session for a video conference with external parties is running - strictly separated from it. The strict separation of individual sessions means that other business or even private uses can take place on a device in parallel. Windows and Linux can also be used side by side.
SINA – Secure Inter-Network Architecture
SINA was developed as a holistic security system that protects entire digital infrastructures. At its core, perfectly matched network components and clients ensure effective encryption and separation of differently classified data - locally and when transferred over the internet.
SINA is used worldwide by governments, critical infrastructures and in industry and is the leading security architecture in the Federal Republic of Germany with over 170,000 installed systems.
Multilevel and multionational applicable
The SINA Workstation allows information of different security classifications and domains to be processed in parallel on one hardware using guest systems that are partitioned off from one another, which makes working with differently classified data much more efficient and user-friendly. SINA thus guarantees confidentiality during processing and communication in all national and major international security classification levels and for a wide range of application scenarios.
SINA Management centrally manages and configures all users and components of the SINA product portfolio. The networks to be protected are set up, configured and administered in a structured manner. With its graphical user interface, SINA Management enables easy configuration of security relationships and access authorizations between SINA components and networks.
End-to-end digital document management
Digitization promotes cooperation and collaboration - also in authorities and industry. Where previously countless paper printouts were necessary for the joint processing of sensitive data, today SINA Workflow facilitates the work of authorities and organizations.
The only end-to-end digital management system for classified information up to SECRET meets all the necessary security and procedural requirements of the VSA. The modular system solution takes effect as early as the design stage and protects data throughout its entire lifecycle.