Why ForsecaBOX
1-> Are Classic Storage Units Secure?
<>
You manage other storage units via local or web applications. This way, devices allowing remote access over the network come with several inherent risks. Attackers can capture access credentials through malware such as 2FA or OTP bypass/Fake, keyloggers, etc., from any computer that has gained access. Access information can also be intercepted through ARP attacks on the local network. Anyone with access credentials can perform almost all operations from the panel on the device, even delete all data within the device or reformat disks up to RAID structures. Even if an attacker cannot capture access credentials, they can still launch remote attacks through the device’s online management application (local or web). For example, methods like cross-site scripting (XSS) can manipulate the web panel, or malicious commands can be executed on the panel via command injection (REMOTE) through communication methods. With these commands, they could delete the data stored on the device or even gain administrator access to take full control of the device.
2-> Secure Management Console
<>
The management console is a dedicated management device specifically produced for each ForsecaBOX and dedicated only to its own device. This management console does not have an operating system like a tablet PC or PDA. It runs specific management software written in machine language directly through its microprocessor without needing a direct OS
3-> Pre-Storage
<>
The ‘Pre-Storage’ area developed by ForsecaBOX is the first place where you send your data. You send data to this area using SMB/SFTP protocols. After a certain period, the data in your ‘Pre-Storage’ area is moved, and 100% secure data protection begins on the ForsecaBOX disk space. The processors and disks of these two areas are also physically separated, providing protection against attacks like Meltdown and Spectre.
4-> Network Invisibility
<>
Through the offline management console, predefined PCs, servers, etc. can access the ForsecaBOX device and upload data. Devices not defined will not have network access to the ForsecaBOX area.
5-> Protected Data Cannot Be Deleted
<>
Data protected by the ForsecaBOX device cannot be deleted even by the device owner. There is no delete button, function, or command in the offline management console or any device interface. The device only deletes the oldest backup to make room for a new backup at the backup intervals you specified. New data automatically replaces old data. Thus, the device does not fill up its disk capacity and can continue to operate for years without requiring any maintenance cleaning.
6-> Safe from Data Leaks
<>
To export your data, the offline management console is necessary. With these procedures, protected data cannot be accessed again without physical presence next to the device and the relevant control and authorized pins. For industrial espionage or any data privacy needs, protected data cannot be accessed remotely or via the network.
7-> Checksum Control
<>
When data reaches the ForsecaBOX device, individual ‘SUM’ records are taken for all files in the package. This proves that no file in the content of the data can be altered or corrupted during the entire protection period on the device. The SUM records created when the data is stored for protection and when it is exported for backup needs, which are reported via email, prove to the user that their data has been securely stored from the moment it was deposited into the device until it is taken out.
8-> Secure Data Retrieval
<>
Your protected data can be transferred directly to your servers’ RAID BlockID (via ForsecaBOX direct connection adapters) or external disks defined by VendorID/SN through USB 3.x connection. All hardware identity information (VendorID) for these external disks and memory devices is logged, and these transfers are reported via email to the authorized personnel registered in the system. This notification allows tracking whether the backup has been transferred to a disk belonging to the organization, a memory device, or an external memory. Multiple email addresses can be defined, thus preventing manipulation by employees.
9-> User Authorization
<>
Through the offline management console of the ForsecaBOX device, you specify a username and password for the relevant data areas, and connections can only occur for authorized data. Users and backup programs without these access credentials cannot upload data to the ForsecaBOX device. This password authorization is only for delivering data to the ForsecaBOX device before it is secured, sealed, and turned into a backup log; even someone with these credentials cannot access or delete the data under protection.
10-> Chronological Data Ordering
<>
All data reaching the ForsecaBOX device is sorted as separate entries based on ‘day-month-year hour-minute and second.’ This way, you can restore your data by exporting the desired information.
11-> You Can Create Different Backup Cycles
<>
On the ForsecaBOX device, you can create multiple data transfer areas via the offline management console and plan different configurations for each data transfer area. For example, while uploading a full backup of your ERP program to one data transfer area, you can upload the differential version of the same backup to another data transfer area. You can define different automatic deletion periods and access rights for these separate sharing areas.
12-> Permanent Archiving Feature Outside of Backup Cycles
<>
You can specify at least one backup that should not be automatically deleted for your data transfer areas on ForsecaBOX. The deletion period will never drop below the specified day or ‘1’ unit. You can transfer your old, cold, passive backups, which you wish to exclude from the deletion period, to the permanent archive section inside the device. This way, you can store each piece of data separately without overwriting it.
13-> Compatible with All Backup Programs
<>
The ForsecaBOX device is compatible with all backup programs because it supports the Windows file sharing protocols and ports that all programs and operating systems support.
14-> Advanced Log and Notification Structure
<>
All control panel operations performed on the ForsecaBOX device, data views, backup processes, data protection processes, external transfers for backup (restore), transferred device (UID) identity information, and configurations are recorded in a log architecture within the device. All logging processes are recorded and tracked with separate process ID numbers. Some routine logs (management console attachment, backup, protection, external transfer, etc.) are automatically reported to registered emails. If desired, the same logs or detailed logs in various categories within the device can be retrieved again through control by specifying a period between two dates, and reported again to multiple authorized email addresses defined in the device. Even if other authorities remove you from the email notification list, you will still be informed of this removal. Thus, even if they remove your email address from the notification list to hide unauthorized operations or manipulation from you, these notifications will continue to arrive for a while.
15-> Data Does Not Get Lost Due to Hardware and Disk Failures
<>
In all ForsecaBOX products, depending on your preferred model (4, 8, 12, 24, 36, and 60 disks can be installed), various RAID, spare disk, and node features are activated to prevent data loss due to potential disk failures. You can position ForsecaBOX devices across multiple locations to safeguard against disasters like fires, earthquakes, etc.
1-> Are Classic Storage Units Secure?
<>
You manage other storage units via local or web applications. This way, devices allowing remote access over the network come with several inherent risks. Attackers can capture access credentials through malware such as 2FA or OTP bypass/Fake, keyloggers, etc., from any computer that has gained access. Access information can also be intercepted through ARP attacks on the local network. Anyone with access credentials can perform almost all operations from the panel on the device, even delete all data within the device or reformat disks up to RAID structures. Even if an attacker cannot capture access credentials, they can still launch remote attacks through the device’s online management application (local or web). For example, methods like cross-site scripting (XSS) can manipulate the web panel, or malicious commands can be executed on the panel via command injection (REMOTE) through communication methods. With these commands, they could delete the data stored on the device or even gain administrator access to take full control of the device.
2-> Secure Management Console
<>
The management console is a dedicated management device specifically produced for each ForsecaBOX and dedicated only to its own device. This management console does not have an operating system like a tablet PC or PDA. It runs specific management software written in machine language directly through its microprocessor without needing a direct OS.
3-> Pre-Storage
<>
The ‘Pre-Storage’ area developed by ForsecaBOX is the first place where you send your data. You send data to this area using SMB/SFTP protocols. After a certain period, the data in your ‘Pre-Storage’ area is moved, and 100% secure data protection begins on the ForsecaBOX disk space. The processors and disks of these two areas are also physically separated, providing protection against attacks like Meltdown and Spectre.
4-> Network Invisibility
<>
Through the offline management console, predefined PCs, servers, etc. can access the ForsecaBOX device and upload data. Devices not defined will not have network access to the ForsecaBOX area.
5-> Protected Data Cannot Be Deleted
<>
Data protected by the ForsecaBOX device cannot be deleted even by the device owner. There is no delete button, function, or command in the offline management console or any device interface. The device only deletes the oldest backup to make room for a new backup at the backup intervals you specified. New data automatically replaces old data. Thus, the device does not fill up its disk capacity and can continue to operate for years without requiring any maintenance cleaning.
6-> Safe from Data Leaks
<>
To export your data, the offline management console is necessary. With these procedures, protected data cannot be accessed again without physical presence next to the device and the relevant control and authorized pins. For industrial espionage or any data privacy needs, protected data cannot be accessed remotely or via the network.
7-> Checksum Control
<>
When data reaches the ForsecaBOX device, individual ‘SUM’ records are taken for all files in the package. This proves that no file in the content of the data can be altered or corrupted during the entire protection period on the device. The SUM records created when the data is stored for protection and when it is exported for backup needs, which are reported via email, prove to the user that their data has been securely stored from the moment it was deposited into the device until it is taken out.
8-> Secure Data Retrieval
<>
Your protected data can be transferred directly to your servers’ RAID BlockID (via ForsecaBOX direct connection adapters) or external disks defined by VendorID/SN through USB 3.x connection. All hardware identity information (VendorID) for these external disks and memory devices is logged, and these transfers are reported via email to the authorized personnel registered in the system. This notification allows tracking whether the backup has been transferred to a disk belonging to the organization, a memory device, or an external memory. Multiple email addresses can be defined, thus preventing manipulation by employees.
9-> User Authorization
<>
Through the offline management console of the ForsecaBOX device, you specify a username and password for the relevant data areas, and connections can only occur for authorized data. Users and backup programs without these access credentials cannot upload data to the ForsecaBOX device. This password authorization is only for delivering data to the ForsecaBOX device before it is secured, sealed, and turned into a backup log; even someone with these credentials cannot access or delete the data under protection.
10-> Chronological Data Ordering
<>
All data reaching the ForsecaBOX device is sorted as separate entries based on ‘day-month-year hour-minute and second.’ This way, you can restore your data by exporting the desired information.
11-> You Can Create Different Backup Cycles
<>
On the ForsecaBOX device, you can create multiple data transfer areas via the offline management console and plan different configurations for each data transfer area. For example, while uploading a full backup of your ERP program to one data transfer area, you can upload the differential version of the same backup to another data transfer area. You can define different automatic deletion periods and access rights for these separate sharing areas.
12-> Permanent Archiving Feature Outside of Backup Cycles
<>
You can specify at least one backup that should not be automatically deleted for your data transfer areas on ForsecaBOX. The deletion period will never drop below the specified day or ‘1’ unit. You can transfer your old, cold, passive backups, which you wish to exclude from the deletion period, to the permanent archive section inside the device. This way, you can store each piece of data separately without overwriting it.
13-> Compatible with All Backup Programs
<>
The ForsecaBOX device is compatible with all backup programs because it supports the Windows file sharing protocols and ports that all programs and operating systems support.
14-> Advanced Log and Notification Structure
<>
All control panel operations performed on the ForsecaBOX device, data views, backup processes, data protection processes, external transfers for backup (restore), transferred device (UID) identity information, and configurations are recorded in a log architecture within the device. All logging processes are recorded and tracked with separate process ID numbers. Some routine logs (management console attachment, backup, protection, external transfer, etc.) are automatically reported to registered emails. If desired, the same logs or detailed logs in various categories within the device can be retrieved again through control by specifying a period between two dates, and reported again to multiple authorized email addresses defined in the device. Even if other authorities remove you from the email notification list, you will still be informed of this removal. Thus, even if they remove your email address from the notification list to hide unauthorized operations or manipulation from you, these notifications will continue to arrive for a while.
15-> Data Does Not Get Lost Due to Hardware and Disk Failures
<>
In all ForsecaBOX products, depending on your preferred model (4, 8, 12, 24, 36, and 60 disks can be installed), various RAID, spare disk, and node features are activated to prevent data loss due to potential disk failures. You can position ForsecaBOX devices across multiple locations to safeguard against disasters like fires, earthquakes, etc.