Trust No One
Trust and security are at the core of what we do, because they have to be. At the end of the day, any system that offers or implements any sort of security policy or mechanism needs to answer a very simple question: ‘Who are you going to trust?’ Our answer to that question is very simple: ‘Trust No One.’ Here's a good article that explains the different cloud security philosophies.
Security Overview
OK, conspiracy theories aside, what does Trust No One actually mean? The most basic element is this: you are the only person who will ever have access to your credentials (the second example in the article noted above). A user's IronStratus account password is what unlocks any credentials that are associated with any of the Vault Items. You are the only one who ever sees your password, unless of course you explicitly decide to share those credentials with others. All decryption is done just in time, within your browser session, on the system where you’re accessing IronStratus; never in the cloud or over the internet.
Secure Credentials
As you might expect, there are two sets of credentials you should be worried about: your credentials to log into IronStratus itself, and the credentials you have stored within IronStratus that allow you to access all your applications. Here’s how we handle those:
- Your IronStratus password is your decryption key, and yours alone. Your manager doesn't have a copy, your IT department doesn't have a copy, and we at IronStratus don't have a copy. The password used by an IronStratus user to log into our system is hashed using a cryptographic hash function (SHA-512) and is never stored or transmitted in clear text... EVER.
- The credentials associated with the Web Login items in your vault are also never stored or transmitted in clear text... EVER. Your Web Login credentials are encrypted by the IronStratus browser extension with a symmetric key encryption algorithm (AES-256) using your hashed IronStratus login password as the key.
Password Recovery
Of course, the flip side of keeping your credentials as safe and secure as they can possibly be is that you alone have responsibility for remembering your password. As we said above, not even IronStratus has access to your credentials. This is no joke; we use one-way encryption (a hash) to protect your IronStratus password, so password recovery is not an option. We couldn’t even reproduce them with a court order or Federal subpoena. With that said, we do allow users to:
- Set a password hint at the time of account creation that will hopefully help them remember the password they selected.
- Reset their IronStratus account password by answering the security questions set up at the time of account creation. In this case all of the Vault Items remain intact; however, the credentials that were previously entered or assigned will be flushed and will have to be re-entered.
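The scheme described under Secure Credentials and Password Recovery, sketched as an added example (not IronStratus code) to show why a reset keeps Vault Items but flushes their credentials: the old ciphertext cannot be opened with a key derived from a new password. The function names, the GCM mode, the truncation of the SHA-512 digest to 32 bytes and the sample values are assumptions; the page names only SHA-512 and AES-256.

```javascript
// Added example (not IronStratus code). Runs under Node.js.
const crypto = require("node:crypto");

// Assumption: the AES-256 key is the first 32 bytes of SHA-512(password).
// The page says the hashed password is the key, not how 64 bytes become 32.
// Unsalted SHA-512 follows the page; a salted, slow KDF (PBKDF2, scrypt)
// is the usual choice for password-derived keys.
function deriveVaultKey(password) {
  return crypto.createHash("sha512").update(password, "utf8").digest().subarray(0, 32);
}

// Client-side encryption of one credential. GCM mode is an assumption.
function sealCredential(password, plaintext) {
  const iv = crypto.randomBytes(12); // fresh nonce for every credential
  const cipher = crypto.createCipheriv("aes-256-gcm", deriveVaultKey(password), iv);
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return { iv, ct, tag: cipher.getAuthTag() };
}

// Returns the plaintext, or null if the password is wrong or the blob was altered.
function openCredential(password, blob) {
  try {
    const decipher = crypto.createDecipheriv("aes-256-gcm", deriveVaultKey(password), blob.iv);
    decipher.setAuthTag(blob.tag);
    return Buffer.concat([decipher.update(blob.ct), decipher.final()]).toString("utf8");
  } catch {
    return null; // authentication failed: wrong key or tampered ciphertext
  }
}

// Password reset: the service holds only ciphertext, so item names survive
// while the now-undecryptable credentials are dropped for re-entry.
function resetVault(vault) {
  return vault.map((item) => ({ name: item.name, blob: null }));
}

// Constructed sample data, not real credentials.
const vault = [{ name: "webmail", blob: sealCredential("old-passphrase", "s3cret-login") }];
console.log(openCredential("old-passphrase", vault[0].blob)); // s3cret-login
console.log(openCredential("new-passphrase", vault[0].blob)); // null
console.log(resetVault(vault)); // [ { name: 'webmail', blob: null } ]
```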
Secure Technology
Browser Extension
IronStratus uses a browser extension to actually place credentials into your web applications, and this is what keeps those credentials from ever leaving your system and leaking out into the cloud.
Hosting
IronStratus is hosted with Amazon Web Services (AWS).
SSL
IronStratus is authenticated by VeriSign SSL certificates.
Encryption Standards
IronStratus encrypts credentials using AES-256 encryption and only ever transmits encrypted credentials using SSL.








