Company Partners Products Downloads Order Contacts
New ControlSphere 4
PC access control
Disk and data encryption
Password management / SSO
Enterprise management server

ControlSphere is an end-user/enterprise Single-Sign-On and data protection solution. It allows authentication automation with Windows logon, WEB access and all programs installed on user's computers. It increases security by encrypting user data for protecting privacy on hardware or logical devices.

ControlSphere is designed to protect user data and automate most of authentication tasks for the user at work and home environments. It greatly simplifies daily authentication and data protection tasks for a user, at the same time making them more secure.

ControlSphere instantly extends all installed software on userís desktops or laptops and enables an automatic authentication (SSO) to Windows logon, SAP, Lotus Notes, Remote Access, Citrix XenDesktop, Skype, Oracle clients, SharePoint, Microsoft Office, Siebel, public or private clouds and nearly all other programs and WEB sites heuristically.

No need to know, remember or type any passwords - ControolSphere SSO does it for them.

Security with secure hardware

ControlSphere secures user data, protects privacy and eliminates the need of remembering and typing any passwords. The solution integrates common authentication and data storage procedures on a PC and substitutes them with strong two-factor authentication (with smartcards or USB tokens) making itself a central security and Single Sign On (SSO) point.

ControlSphere keeps sensitive user data protected on secure hardware devices. These are smartcards and javacards : traditional card-sized or USB token devices. Today security devices are certified by a number of government and security organizations according to either FIPS or ITSEC standards - they are resistant against hacking and will self-lock or self-destroy in case of unauthorized access attempt.

The idea of ControlSphere is simple - it is enough to have a secure device as sensitive data storage and know the device PIN to access and automatically use the data without the need of manual operations. ControlSphere authenticates user to Windows and network, as well as to all Windows programs and WEB sites by automatically delivering on-device passwords to requesting fields. Encryption technology of ControlSphere helps keeping user data safe and protected.

Who may need ControlSphere
The product is designed for both companies and individual end-users, helping them protecting either personal or corporate information, eliminating the need of remembering and typing any passwords and controlling the way they access their computers.
Besides the user account and data protection, ControlSphere provides exceptional support for roaming users keeping their configuration and data secure and environment constant while moving from one computer to another.

The Token Management System of ControlSphere helps companies controlling lifecycle of their secure device fleet. In additional to that Token Management System (TMS) provides full control over secure data on the ControlSphere-enabled devices.
Modular and flexible solution
ControlSphere client is a modular solution containing the following services which can be enabled and used separately or in combination:
  Windows Logon and session protection

This service allows quick and easy access to multiple computers with multiple Windows accounts by using a single card or USB token.

• Possibility to use longer and complex passwords known or unknown to users.
• Possibility to store and use multiple Windows accounts (credentials) per device.
• Use of the same card can with multiple computers where Windows accounts match.
• Automatic usage of randomly generated passwords unknown to a user.
• Automatic Windows password lifecycle support.
• Product configuration according to individual enterprise security policy.
• Full customization on the authentication methods, control of PIN security level and its change policy.
• Automatic blocking of selected programs on card removal and session protection.
• Does not require PKI infrastructure or certificate server, ControlSphere is self-sufficient.

  Disk and data Encryption

Encrypt your environment and protect your data the most convenient way.

• The protected information cannot be viewed or copied by other users not having an access to the encryption key.
• Transparent encryption takes place at the atomic disk operation level and is not sensible by users.
• Encrypted locations are automatically or manually merged with Windows file system, becoming accessible to all programs.
• Automatic protection for user profile data, even on a network.
• Full integrated with Windows allows encrypted drive management extremely easy for users.

  Password Manager / Single Sign On (SSO)
  Store your passwords on a secure device and automate account and password entry to Windows, WEB and third-party programs when requested.

• Secure password storage and management on smartcard or USB token devices.
• No need to know, remember or type any passwords in the system.
• Automatic or semi-automatic password request handling.
• No caching of passwords in applications and overall on a computer.
• Heuristic password request filling for all Windows programs.
• Heuristic password request filling for WEB forms and applications.
• Possibility to use longer and complex passwords known or unknown to users.
  Enterprise Token Management System (TMS)

Companies will enjoy suing this service to convert ControlSphere into true enterprise product, allowing remote control and centralized management. TMS helps companies to control lifecycle of their secure device (smartcards/tokens) fleet and provides full control over secure data on the ControlSphere-enabled devices.

• TMS database holds centralized company-wide card, user and security group registry.
• Data on user cards are automatically synchronized with the database for disaster recovery and management reasons.
• Changes on ControlSphere data made by a user with ControlSphere program are automatically replicated to the TMS database implicitly and securely.
• TMS enables remote implicit user device/data updates and centralized distribution from the server.
• TMS database maintains card data update history automatically and allows remote data restore and rollback function.
• TMS provides convenient remote PIN reset function for cards with locked User PINs.
• TMS supports remote data wiping on a lost or stolen cards in a case when someone tries to use them.

  Other Features
  Besides the main services, ControlSphere provides other security and convenience features which are functional regardless of the ControlSphere service configuration defined.

• Additional card holder identification mechanism via public data records on a card (name, description and holder photo).
• Feature-rich card security policies allow device configuration according to individual security policies of a company
• Extra protection against PIN capture by malicious software and "sniffers".
• Full or partial data backup to another device or encrypted file (Token Image).
• Full or partial data restore functionality from an encrypted file or another card/USB token.
• Automatic implicit card data backup function to an encrypted file.
• Use of the encrypted file (Token Image) as a physical device in a case of emergency of physical device loss.


Product brochure



Product presentation



Product description



Technical description