ItinerX

Product \| ItinerX Frequently Asked Questions (FAQ)
General Support
1.	Q:	Does ItinerX USB device require any software to be installed on the host computer?
	A:	No, the ItinerX USB device carries all of the software needed to operate and perform its functions. No additional software is needed.
2.	Q:	Is the ItinerX USB device platform dependent and what are the minimum requirements? Is it compatible with Linux or Mac operating systems?
	A:	ItinerX will operate on any platform with a USB port running a Windows 2000 or later operating system. The ItinerX is not compatible with either the Linux or Mac operating systems.
3.	Q:	Can the ItinerX USB device be damaged, or can data be lost, by passing it through airport security x-ray?
	A:	No. The USB device operation and its contents are not effected by airport x-ray systems.
4.	Q:	If my ItinerX stick stops working or fails to operate, can I reconfigure it on the fly?
	A:	Your ItinerX stick is reconfigurable. If ItinerX is hosted on your company's server system, contact your ItinerX system administrator. If ItinerX is hosted on a Titan hosted server, please contact us in accordance with the ItinerX website.
5.	Q:	If my ItinerX stick is lost or stolen, is my data safe and can it be recovered?
	A:	All data files on the ItinerX are stored in an encrypted form and are therefore safe. See your system administrator for a replacement USB device and subsequent data recovery. Note: Data recovery requires that the data in question be synchronized with the ItinerX server. Data that is stored on the USB device only and has not been synchronized with the ItinerX server is not recoverable.
6.	Q:	Am I limited to just one portable memory device per ItinerX license? Can I have more than one device to serve as a hot replacement or back-up?
	A:	The ItinerX enterprise system is procured with a fixed number of licenses available for authorized users. Unauthorized cloned USB devices will not synchronize with the ItinerX server. Replacement devices authorized by the ItinerX system administrator will synchronize with the ItinerX server.
7.	Q:	What will be the system requirements for customer hosting of the server software? Is Titan installation support included in the enterprise price?
	A:	The ItinerX server is written in the Java programming language, and requires a Java JDK 1.4 environment to execute. Server data storage allocation is independent of the ItinerX system and is determined by the data storage allocation policy of the host system. The Titan hosted ItinerX server allocates 1GB of server data storage per licensed user. Larger storage options are available. Titan installation and training is included in the purchase price.
8.	Q:	How does the ItinerX system handle data retention in the Titan hosted configuration? Does it limit capacity per seat or per customer with “n” number of seats? Can a lifetime (or date) be set and adjusted?
	A:	The default data retention policy is based on file quotas, where users are each configured to retain data until a certain size is met. When retained data exceeds the assigned quota size, the system will remove the oldest data from the archives until the users space usage is in alignment with the assigned quota. This policy can be adjusted based on corporate requirements.
9.	Q:	Can the ItinerX system be put into a customer's network and use existing PKI certificates and not ones generated by the ItinerX software?
	A:	The ItinerX server has a flexible key/certificate management process that allows for external sources to be used. Contact Titan for details on system support and capabilities.
10.	Q:	Is there a limit to the number of ItinerX USB devices that constitute the ItinerX system? Is there a potential for a bottleneck?
	A:	The ItinerX server is able to support a large user base given that devices only connect periodically. The specific capacity of a given ItinerX server will depend on the hardware, operating system, and database in use.
11.	Q:	When Titan sells a customer hosted system can they limit the number of seats to what is licensed? If so, can they over-the-net, increase the number of seats allowed if the customer wants to buy a license for more?
	A:	Yes. Titan can limit the number of seats and can modify the number of seats according to customer requirements.
12.	Q:	Explain the process of preventing duplicate removable memory device being made and used.
	A:	An unauthorized, duplicate (cloned) memory device could be used for local data storage but cannot synchronize to the ItinerX server. A removable memory device can be duplicated easily, but with each synchronization that occurs, a new temporary “Sync Token” is returned by the server. If a user then syncs either their original or cloned memory device, the new token will be stored only on that device. The other memory device will no longer have a valid token, and will not be able to sync.
13.	Q:	What is the current process for data and key recovery?
	A:	An administrator user will login to the web interface and select the user. They will click the “reprovision user” button and this will generate a new temporary token for the user, and send it to their email address. The user will take a clean removable memory device and enter the new token information. On the next sync, the files will be restored.
Security
14.	Q:	What encryption algorithm does the ItinerX use and is it safe?
	A:	The ItinerX provides a choice of two algorithms: Triple DES or 256-bit AES. Both algorithms are certified by the Government National Institute of Science and Technology for protecting sensitive information.
15.	Q:	Is the encryption function of ItinerX part of the Windows OS?
	A:	No, the encryption function is independent of the OS.
16.	Q:	What is PassFaces and how does it work?
	A:	PassFaces is a cognometric means of user access based on memorizing a sequence of human faces. It is one of the multi-factor access control features incorporated into ItinerX. Details are available at: www.realuser.com.
17.	Q:	Are files automatically encrypted when the ItinerX stick is removed from the host platform?
	A:	No. The user should perform file encryption before the ItinerX USB device is removed from its host. Reminder: Since the ItinerX USB device is a flash drive, it must be removed in accordance with the operating system's requirements.
18.	Q:	Where does the ItinerX device store its encrypted keys and can they be stored remotely? How are they generated?
	A:	Keys are encrypted and stored on the USB device and cannot be exported or stored separately. Encryption keys are generated automatically by the ItinerX system.
19.	Q:	Can the ItinerX encrypt or decrypt more than one file at a time?
	A:	Yes. The ItinerX application can load a set of files in at once, with no extra user intervention.
20.	Q:	Are all transactions between the ItinerX stick and its server secured or encrypted?
	A:	Yes. All transactions are encrypted and bi-directionally authenticated.
21.	Q:	What level of information can the ItinerX process?
	A:	ItinerX has begun the process for FIPS 140-2 certification allowing it to handle Sensitive But Unclassified (SBU) information by Government agencies.
22.	Q:	Is the password for the ItinerX alphanumeric and how many characters are required? Is it case-sensitive? What do I do if I forget my password?
	A:	The password is alphanumeric, requires a minimum of 8 characters, and is case-sensitive.
23.	Q:	Can I use the ItinerX to encrypt complete directories or sub-directories?
	A:	A group or folder of files may be imported to the ItinerX application.
24.	Q:	Does ItinerX allow for both public and private folders?
	A:	The ItinerX USB device does not have separately allocated memory space for public and encrypted information. We recommend that all information stored within the USB device be encrypted.
25.	Q:	When will the Biometric version be available and how will it work? Will the other user access options still be available (PassFaces and password)? Do I have the option to pick and choose which user access features I want to use?
	A:	A Biometric version of ItinerX will be available in calendar Q2 of 2005. All user access options will be available (password, PassFaces, and Biometric). The ItinerX system administrator may disable PassFaces.