ControlSphere Token data Backup/Cloning
It is unusual for tokens to be lost or stolen as they are normally attached to a piece of the user's jewellery such as the house/car key-ring. However, to prevent token data loss the user has ability to:
Create a secure back up of the ControlSphere data to a Token Image file (protected by a "secure" password and super-strong chained AES256 bit encryption) on their hard drive of floppy disk.
Backup/clone ControlSphere data to another token, making it a functional reserve device that is identical to the original one.
ControlSphere token can hold a number of data blocks (see ControlSphere Data Structures) and all of them are subjects for backup/restore process.

To backup ControlSphere token data select a desired data subset to backup by checking the corresponding options. To backup ControlSphere data completely, select "Backup all" option. Note that the data items not available for backup (empty items with no content) will be grayed out and unable to select.

You can further customize your token backup data by selecting a subset of Windows account entries and encryption keys to backup. To do so click the corresponding "Select accounts to export" and "Select keys to export" links.

Data Merging Options
ControlSphere provides so called "data merging options" for Windows account entries, encryption keys, password entries and encrypted volume automation settings. The options become available when backing up ControlSphere data to another token or to an existing Token Image file when "Update the existing backup image file" option is selected. In this case the backup process will merge already existing (if any) data items with the ones being backed-up. The desired data merging option can be selected by clicking the appropriate data merging option links. The following merging options are available:

Replace existing data (if any) on a token

Select this option to completely replace existing data items with the new ones. This is the default option.

Merge with existing data and overwrite conflicting items Select this option to merge the current data items with the new ones. The existing matching data items will be replaced with the new items in case of item name conflicts.
Merge with existing data and preserve the conflicting items

Select this option to merge the existing data items with the new ones. The existing matching data items will preserved in case of item name conflicts.
Please note that exporting/cloning such administrative data items like Windows account entries and encryption keys will require an Administrator/SO PIN.

Once you have selected data subset to backup, choose the backup destination by selecting a corresponding option.

To backup ControlSphere data to encrypted Token Image file select the corresponding option and provide a full path to the file. If the Token Image file already exists, ControlSphere will allow you either update the file (current encryption password will be required) or overwrite it completely (new encryption password will have to be provided).

IMPORTANT: ControlSphere stores existing token licenses in the Token Image file when making a full backup of a token. The Token Image file will have the same licensing state as the source token. Updating such a Token Image will preserve the existing license data.


To backup ControlSphere data to another token (cloning mode), select the appropriate option and connect a destination token device to clone the data to. You will be asked for a User PIN of the device. Cloning Token Security Policy, Administrative data items or Public Token Identification data items will also require Administrator/SO PIN of the destination token.

To backup/clone ControlSphere data click "Backup" button.

 

Automatic Token Data Backup functionality
In addition to manual token data backup functionality ControlSphere provides fully-automated implicit token data backup function. If enabled, this function automatically replicates all changes made on ControlSphere token data to a selected encrypted Token Image file. Manual data backup becomes unnecessary since ControlSphere data changes on the token are automatically backed up to the destination file. No user input of any sort is required.

The auto-backup configuration settings are token-dependent and are securely stored among other ControlSphere data on a token. The configuration includes:
Path to a backup file to create or update

This is a full path to an encrypted Token Image file to create or update. The file can be located on a local computer or a remote server. Note that network location may not be available in the logged-out state, which may make automatic backup unavailable in some rare cases.
Encryption password to use This is a secure encryption password which is used to encrypt the backup Token Image file.