In a bizarre twist that sounds more like satire than cybersecurity research, it was recently demonstrated that a spring onion  (yes the vegetable!) could be used to bypass security on Dell devices by exploiting firmware vulnerabilities. This isn’t just a quirky headline – it’s a serious wake-up call for anyone relying on built-in device security like TPMs or biometrics. What Happened? The vulnerability, as reported by Computer Weekly,  involves flaws in Dell’s firmware that could allow an attacker to bypass secure boot mechanisms. The researchers showed that even with a Trusted Platform Module (TPM) present, the system could be compromised using physical access and “clever manipulation” - like using a vegetable to trigger capacitive sensors  – highlighting how superficial some security implementations can be. The Problem: Trusting the Wrong Hardware The Dell vulnerability highlights that fundamental flaws in modern device security can occur even when a PC has a secure element like a TPM, it’s not truly secure if the firmware can be tampered with. In general, these devices lack tamper-resistance, meaning attackers can gain physical access to probe secure circuits and manipulate them to reveal their secrets. And then there’s biometrics. The “Spring Onion Hack” shows how biometric authentication can be spoofed or bypassed. Once considered cutting-edge, biometrics are now continually proving to be inherently insecure when used as the sole method of authentication. The Limitations of TPM and Biometrics TPM: Not a Silver Bullet TPMs are embedded in general-purpose devices and rely on firmware integrity. If the firmware is compromised, the TPM can be rendered ineffective. TPMs lack physical tamper resistance in most consumer devices. Biometrics: Convenient but Insecure Biometric data is not secret. Can be spoofed and bypassed. The “Spring Onion Hack” shows how easily sensors can be tricked. The VeroGuard Solution: Security by Design At VeroGuard, we believe security should be purpose-built , not patched together from consumer-grade components. Here’s how our solution addresses the issues exposed by the Dell incident: Purpose-Built Hardware Authenticator VeroGuard uses a dedicated hardware authenticator that is designed from the ground up for secure identity verification. The VeroCard is dedicated solely to identity-based functions. It has no physical ports for external connections and cannot be remotely activated, ensuring it remains isolated and secure from unauthorised access.   Tamper Resistance Is Non-Negotiable   Security that can be physically bypassed isn’t security at all. VeroGuard’s authenticator is engineered with true tamper resistance   and certified to payment industry specifications, ensuring that even if an attacker has physical access, they can’t compromise the device or the credentials it protects. No Biometrics, No Guesswork We don’t rely on biometrics. Why? Because; 1)        they’re not secret, and 2)        they’re probabilistic and not deterministic. Biometric authentication systems are intentionally designed to tolerate slight variations in input, because no two biometric scans – even from the same person – are ever exactly identical. Ironically, a 100% match is often treated as suspicious, since it may indicate a replay attack using a previously captured biometric sample. VeroGuard uses cryptographic keys stored in secure hardware. Out-of-Band Authentication Most importantly, VeroGuard’s authentication process occurs outside the target device. This out-of-band approach means that even if the PC or phone is compromised, the authentication remains secure. The device never sees your credentials, making phishing and malware attacks highly ineffective.   Final Thoughts: Don’t Let Your Security Be a Joke The spring onion hack is amusing—until you realise it could happen to your business. It’s time to stop trusting consumer-grade security and start demanding real protection . VeroGuard offers a solution that is not just secure in theory, but secure by design . Dedicated hardware designed specifically for secure identity verification. Purpose built for authentication – NOT general-purpose use Out of Band – Authentication occurs outside the target device. Hardware Security Modules – Credentials are never exposed to the device, reducing phishing and malware risks. Engineered with true tamper-resistance – keys are wiped if tamper is detected

No, but could this be a sign of what's ahead? Researchers recently reported encountering a phishing attack in the wild that bypasses a multifactor authentication using passkeys, the industry-wide standard being adopted by thousands of sites and enterprises. Further review of the attack path has shown that the bad actor did not bypass the passkey authentication but was successful in using a downgrade path to achieve their goal of accessing the user’s account. While this review emphasises that passkeys remain a strong and secure method for MFA , it also highlights that not all authenticator types should be considered equal, and that software bound credentials and implementations (in this case the implementation of the passkey authentication standard) should never be completely trusted. TL; DR While smartphone-based passkeys improve user convenience, they compromise FIDO2’s foundational hardware-bound security model. In high-risk environments, only dedicated hardware authenticators like VeroCard   can maintain cryptographic integrity, attestation trust, and robust phishing resistance. What Happened in the Recent "Downgrade" Phishing Attack Using FIDO2 Cross-Device Sign-In? In a recent report (mid‑2025), researchers at Expel observed a real-world phishing campaign by the group known as PoisonSeed, which exploited the cross-device sign-in feature in a clever adversary-in-the-middle attack: Victims received a phishing email directing them to a counterfeit enterprise login portal. After entering credentials, the phishing site relayed them in real-time to the legitimate site and triggered a cross-device sign-in request. The legitimate site generated a QR code for authentication, which the phishing page immediately captured and displayed. When the victim scanned the QR code with their phone, they unknowingly authenticated the attacker to the legitimate site. While this manoeuvre downgrades FIDO2 authentication to a weaker flow and is not a breach of the Fido2 protocol, it uses the weakness of the downgraded process, facilitated using a smartphone based passkey, to obfuscate reality from the victim. Why Using a Smartphone as a FIDO2 Authenticator Is Insecure Using a smartphone as a FIDO2 authenticator introduces fundamental security trade-offs that break key FIDO2 security assumptions, fracture passkey provenance and can enable bad actors to run a downgrade attack on passkey authentication. Passkeys created and stored on smartphones provides a convenience-security compromise that may be acceptable for consumers, but remains unsuitable for enterprise, critical infrastructure, or regulated environments. For these use cases, dedicated hardware authenticators like a VeroCard are the only way to maintain the original security promise of Fido2. Breaking FIDO2’s Original Core Security Premise Fido2 was designed with the principle that the private keys never left the security of the hardware authenticator. Driven by the consumer desire for convenience the Fido2 specification was revised to allow synchronisation of passkeys across cloud ecosystems so that users could easily access systems and sites using a single passkey. When users sync passkeys across devices using cloud services (like iCloud Keychain or Google Password Manager), the baseline security of passkeys is violated: The private credential is copied to multiple devices. Security of passkeys is now dependent on cloud account protections, not local hardware. If a cloud account is compromised, all passkeys are accessible remotely. In some environments users can share passkeys with others – fracturing any assertion of passkey  attestation . This turns a local, hardware-bound credential  into a cloud-distributed secret , significantly weakening the trust model.   How VeroCard Solves These Issues VeroCard restores the original FIDO2 security promise by: Hardware-Enforced Isolation Private keys remain protected in hardware at all times. Each key is device-bound  and tied to the physical VeroCard hardware. No Cloud Syncing Eliminates risks from iCloud, Google account, or password manager compromise. No cross-device duplication or migration of credentials. Downgraded flows are not allowed: VeroCard does not allow the user of QR code downgrades A single user gesture, PIN entry, and subsequent passkey login provide a full MFA without the need for any other factors. VeroGuard  further enhances security by: Requiring User Verification VeroCard enforces user presence  through PIN verification for every login. PIN verification is completed by the VeroGuard Platform prior to allowing the passkey to be used Requires explicit user interaction  resulting in identity verification and impersonation resistance. Origin Binding Enforced in Platform VeroGuard verifies the relying party (domain) has been permitted for the user, and ensures credentials are domain-specific . Centrally managing VeroCards: Tracking and managing devices Block use of and remove credentials Block VeroCard if lost Offering certified end to end process Common criteria PCI-PTS   Summary Risk Area Smartphone Passkeys VeroCard Private key leaves device ❌ Yes (via cloud sync) ✅ No Cloud account attack risk ❌ High ✅ None Cross-device phishing exposure ❌ Possible ✅ Prevented True hardware-based isolation ❌ Weak ✅ Strong Enterprise-grade assurance ❌ Lacks ✅ Delivers Verified user presence ❌ Optional or implicit ✅ Required (and verified) every time Phishing/aitm resistance ⚠️ Can be bypassed with cross-device flows ✅ Guaranteed Hardware certification & standards ⚠️ Some component level ✅ EAL2+/PCI-PTS VeroGuard is Common Criteria EAL 2+ certified  and VeroCard also holds PCI-PTS certification (standards for PIN security), along with FIDO2.

The economic impact from cybercrime continues to increase and as we enter 2025 we thought it well worth reviewing the key cybersecurity observations and lessons from 2024. This series of articles will wrap up with an opinion about what we believe is the trend leading us into 2025. Be more Proactive with Cyber Security   Observation 1: Surging Zero-Day Exploits 2024 has been a landmark year for cybersecurity, with a significant increase in the discovery and exploitation of zero-day vulnerabilities. These unpatched security flaws have become a primary tool for cybercriminals, posing serious challenges for cybersecurity teams. The volume of reported CVE’s in 2024 should act as a reminder that no system is ever totally secure, and with some of the most impactful affecting FortiManager, Google Chrome and Windows, a large percentage of businesses globally were in the direct firing line. The evolving tactics and strategies of attackers suggest this line of attack is not going away.   Observation 2: Nation-State and Cybercrime Collaboration Observation of several high-profile attacks has suggested that the level of collaboration between nation-state actors and cybercriminals, increasingly blurring the line between these actors. Nation-state sponsored attackers initially used zero-days in targeted attacks, which were then escalated to widespread exploitation to cover their tracks.   Lesson 1: You must have a proactive defence strategy The best defence against cyber threats is awareness and preparation. Organisations must stay informed of emerging threats, maintain staff awareness training and prioritise the patching of weaponised CVE’s. These actions, however, won't help much if the adversary is using valid stolen or created credentials.  Therefore, the foundation of proactive defence strategy must be to deploy the latest and strongest identity management system as your first priority.   Why is identity important ? Implementing strong identity verification can prevent unauthorised access even if a zero-day exploit is used. Implementing a phish-resistant MFA solution can significantly enhance security by ensuring that even if credentials are compromised, unauthorised access is prevented.   Resilience in the face of Ransomware  Observation 3: Ransomware attacks surge A significant increase in ransomware attacks affecting various sectors including healthcare, finance, and critical infrastructure occurred in 2024. The top 5 confirmed attacks include Change Healthcare (US), LoanDepot (US), MediSecure (Aus), Izumi Co (Japan), Evolve Bank & Trust (US) in which an estimated 140 million records were stolen. Aside from data theft, these attacks led to substantial service disruptions and financial losses.   Observation 4: Ransomware targeting service providers and supply chain networks Ransomware attacks in 2024 highlighted the fragility of supply chains and business continuity. A cyberattack on the parent company of major US supermarket chains disrupted services across its entire network impacting more than 2,000 stores for several days.   Observatio n 5: Cybercriminal “Whack-a-Mole” While law enforcement efforts to combat ransomware gangs were able to disrupt the LockBit gang, which saw 34 servers seized, cryptocurrency accounts frozen, 1,000 decryption keys obtained and that two individuals arrested, they were reportedly ‘back on line’ within 2 weeks. Furthermore, new ransomware groups like RansomHub have become prominent.   Lesson 2: Resilience in the Face of Ransomware Limiting the spread is a critical factor in network resilience when faced with a ransomware attack. Backups, patching, antivirus/antimalware and EDR tools are all important, but as ransomware gangs target business disruption through attacking supply chains and service providers, network resilience is key . Implementing network segmentation can help limit the spread of ransomware, by blocking common pathways and protecting the most valuable assets which can significantly reduce the impact of a ransomware attack. More importantly, identity-based segmentation can help isolate compromised accounts and prevent lateral movement within the network.   Why is identity important? Implementing strong identity verification can help ensure that only authorised personnel can access critical systems, reducing the risk of ransomware attacks. A phish-resistant MFA solution can help protect against ransomware by ensuring that only authorised personnel can access critical systems, reducing the risk of attacks spreading and building resiliency. Critical Infrastructure needs an IT security focus Observation 6: Attacks on Critical Infrastructure (CI) rise as IT system defences become stronger. Attacks on critical infrastructure reached new levels in 2024, so much so that the US Cybersecurity and Infrastructure Security Agency (CISA) issued a notice warning that US government-run water systems were at risk. Attackers shifted their focus to more the vulnerable systems like water processing plants and power grids as they represent a much easier target. This is because there is often a lack of visibility into connected Operational Technology (OT) devices, making threat detection extremely difficult.   Observation 7: OT teams need to take more precautions when connecting devices online One of the key issues is the fact that many CI operators continue to connect industrial tools to the internet to remotely manage them. Different from IT (which has a relatively shorter life cycle), much of the industrial systems operate using legacy equipment that was never designed with cybersecurity in mind, leaving devices exposed to relatively unsophisticated methods such as the use of default passwords or conducting brute force attacks.   Lesson 3: Critical Infrastructure needs an IT security focus The time to invest in an “IT style” cybersecurity strategy for operational technology (OT) systems is now. This strategy needs to cover the systems in use, how they can be managed in a critical operations environment as well as upskilling personnel who are generally not IT professionals who are more familiar with cyberattacks and the required defences. Collaboration between IT and OT teams will be crucial for securing these systems, using the lessons learned in traditional cybersecurity practice – especially around strong identity and access controls.   Why is identity important? Implementing strong identity verification can help ensure that only authorised personnel can access critical systems. A phish-resistant MFA solution can help protect against unauthorised access, and strong managed hardware based VPN connectivity can be used to prevent exposing devices themselves to the internet.   Phish-resistant MFA should be employed on every system and device.   Observation 8: Phishing techniques will continue to grow in sophistication Phishing was the leading attack vector in 2024, reportedly up 58% on 2023. Cybercriminals are employing increasingly sophisticated methods to deceive individuals, with AI now able to create more convincing and tailored messages to individual targets, increasing the likelihood of success. Expecting humans to be able to effectively discern the difference between an advanced AI crafted email, online chat, phone or video deepfake call will soon become an inappropriate defensive tactic.   Observation 9: Proliferation of online tools The number of phishing kits available on the dark web has apparently increased by 50% in 2024. These tools are now so advanced, even novice cybercriminals can effortlessly launch sophisticated campaigns, and impersonate brands, governments, banks and service organisations. With success rates rising from 14% to 18% attackers are clearly becoming adept at manipulating victims to bypass poor security.   Lesson 4: Phish Resistant MFA should be employed on every system and device. Humans will always be able to be manipulated, and therefore identity and authentication mechanisms must be phish-resistant. Second factor authentication systems should now be considered as providing no added security, and only phish-resistant MFA should be utilised (where ever possible using separate purpose-built hardware authenticator).    Why is identity important? Phishing   has a single goal in mind – credential theft. Implementing a phish-resistant MFA solution will prevent your organisation from becoming another statistic and will significantly enhance your security posture by ensuring that even if credentials are compromised, unauthorised access is prevented. Trends to expect in 2025   In the part of this article, we look ahead to the cybersecurity trends and challenges expected in 2025.   Continued Rise of Zero-Days:  We predict the ongoing increase in zero-day vulnerabilities and exploits. Why? Simply put software is complex (more than ever) and adversaries are now very focused on finding and exploiting software flaws. Phish-resistant MFA will become the minimum standard:  More organisations will deploy phish-resistant MFA, phone-based authentication apps will be widely breached. Passkeys will be more widely adopted:  however, enterprise and government will be slower to adopt due to legacy equipment and systems which are not passkey ready. Account recovery processes will be targeted: Especially for passkey-protected accounts, attackers are now more likely to focus on finding weaknesses in account recovery and reset requests and pivot to phishing for recovery keys. AI will be widely adopted by adversaries to be more targeted and efficient with their attacks: Emails, SMS, chats, phone calls, deep fake videos will be almost impossible for humans to decern as fakes. Evolving Ransomware Tactics:  Ransomware operators will target new sectors, such as service and supply chain organisations, seeking to disrupt operations as much as steal personal data. Focus on Critical Infrastructure: Attackers see CI as a strategic and much softer target and will seek out any unprotected operational and edge devices. More executive prosecution for cyber incidents:  Litigation for cyber incidents will increase as tightened laws around liability of senior management take hold. The Rise of Identity-Based Security: Traditional security measures like firewalls and VPNs are no longer sufficient. The focus of security for organisations will change to be on verifying and securing the identities of users and devices accessing systems.   Who is VeroGuard Systems? VeroGuard is a leading digital identity technology company that understands the importance of a secure, verified and reusable identity in today’s hybrid IT environments.  The VeroGuard Platform provides our customers with a bank-to-bank level identity verification system and when combined with our VeroCard offers Next Generation Authentication solutions, where authentication is linked to identity verification with every authentication request. VeroGuard NFA can secure legacy authentication protocols and support the latest Cloud systems with passkeys - all with a phish-resistant and identity aware overlay.   One more Trend for 2025 1.       Next Generation Authentication will be the security foundation for all digital transformation.

Amongst the most pressing concerns currently holding back the effective implementation of a digital economy is that of delivering a secure digital identity. For Government A unified, universal digital identity platform for Government departments accelerates the ability to bring services online for citizens, secures data and improves administrational procedure. Click below to discover how VeroGuard can help to streamline your Government department. Find Out More Find Out More For Corporate Industry leading ID management solutions, secure remote login options for staff and the ability to store your organisation’s data assets with confidence. A single, unified system to achieve all this and more. Citizen ID The transition to a digital economy requires a trusted, efficient and unified secure method for accessing government services. A VeroGuard Citizen ID seamlessly connects citizens to government services and stops access by impostors to provide trust between citizens and Government. Our platform not only switches between government and corporate applications, but is designed to certify into existing financial networks to utilise existing schemes and settlements at cardholder present level online. It automatically complies with banking identity frameworks and existing retail payment terminals. Citizen ID allows for easy and ultra-secure access to online services for any level of government. It is a universal solution that enables secure online proof of age, online voting, E-health data, E-Prescriptions, digital public transport wallets, event ticketing and so much more. For more information: VeroGuard Citizen ID Business ID Protect your supply chain with the best available security and discover the absolute surety of non-repudiable verification. VeroGuard Business ID is a unified and indisputable solution for verifying the source of all interactions between organisations in your supply chain. In addition to identity management, the solution provides unmatched protection for documents and data, reduces cycle times and prevents the need for data re-entry. It's a universal ID layer for any existing platform that enables a single user account with authentication to access any authorised system. A VeroGuard Business ID provides indisputable, non-repudiable proof of identity for all digital communications and transactions. Our solution verifies every interaction between businesses, as well as those between business and government. VeroGuard stops unauthorised access to systems and data. For more information: VeroGuard Business ID Employee ID Deliver unmatched identity and access management with black-box to black-box level security for communications and data across a single network for organisations and their eco-systems. A VeroGuard employee ID is a unique digital ID allowing for anchored identification, single sign-on, multi-purpose access and verification unified at the user with interoperability across in-house, cloud and hybrid environments. It enables simple, ultra-secure messaging and verifiable identity across the internet, interoperable and compatible with most applications and operating systems. A VeroGuard employee ID replaces ID cards, e-wallets, proximity cards for building access, credit and debit cards, tokens, loyalty cards, licences, e-signatures and more. It’s the only solution that provides indisputable, non-repudiable verification for absolute digital protection. For more information: VeroGuard Employee ID Get VeroGuard Other Solutions Machines People Data Protection Unified, Universal Digital Identity for People Amongst the most pressing concerns currently holding back the effective implementation of a digital economy is that of delivering a secure digital identity. Current identity systems are based on face-to-face interactions, and on physical documents and processes. In a world that is ever more governed by digital transactions and data, existing methods for managing security and privacy are not adequate. The number of identity dependent transactions is growing through increased use of digital channels, and the complexity of these transactions is increasing just as rapidly. Customers have come to expect seamless delivery of services across all platforms and regulators are demanding more transparency around every transaction. Meanwhile, cyber criminals are using more sophisticated technology and tools to conduct their illicit activity. This issue affects every segment of the economy, from government to corporate and even the private citizen. Discover why indisputable, non-repudiable verification of identity is critical to any response against this threat. SOLUTIONS Product: VeroCard

Eliminate the threat of identity fraud in your business and across your supply chain. VeroGuard provides the highest level of protection available for your digital assets and boosts efficiency with the power of indisputable verification. Get VeroGuard Corporate Eliminate the threat of identity fraud in your business and across your supply chain. VeroGuard provides the highest level of protection available for your digital assets and boosts efficiency with the power of indisputable verification. Your organisation’s private internal data deserves the best protection, and nothing less than absolute surety will do. Click below to discover how VeroGuard stops unauthorised access to data and systems. For Solutions The economic impact of cybercrime on businesses is on average a multimillion-dollar concern. Data breaches can prove damaging to any brand and, in fact, for many businesses and executives, such a breach can prove terminal. Adopt a VeroGuard universal digital identity system and rest assured you have the best available protection against fraud. Machines People Data Protection Purpose VeroGuard stops unauthorised access to systems and Data. Adopting our universal digital identity platform enables a single user account to access all authorised systems with just one authentication point. While existing solutions require users to have multiple sets of credentials that must be memorised or written down, indisputable digital verification provides a single, impenetrable entry point to all systems required and eliminates fraud. Employee access isn't the only concern. While this critical data is stored at rest, it can easily become subject to hacking attacks. Why settle for anything less than the best available protection? Security Online security begins with identification, and nothing less than absolute surety will do. Identity systems have always been based on face-to-face interactions, physical documents and processes. The transition to a digital economy requires radically different identity systems. In a world that’s increasingly governed by digital transactions and data, existing methods for managing security and privacy are no longer adequate. The number of digital-identity dependent transactions is growing through increased use of digital channels. Customers expect seamless service delivery with the most user-friendly experience. Indisputable identity verification by VeroGuard stops unauthorised access to systems and data. Energy The VeroGuard platform offers sophisticated cyber security to meet the substantial demands of the modern energy sector. Absolute digital protection is necessary to maintain constant reliability and resilience, even in the event of a cyber-attack. This presents a unique challenge for the energy sector in that systems under attack cannot be easily disconnected from the network as this could potentially result in safety issues or blackouts. VeroGuard supports grid stability in a cross-border interconnected energy network by verifying the authenticity of machines and humans in and across networks. Developed on .net, VeroGuard is an easy platform to integrate with using API’s that will support both legacy and modern applications. Logistics/Supply Chain VeroGuard provides the complete confidence of a fully integrated, ultra-secure supply chain. As demand increases for efficient delivery of online services, so too does the complexity of supply chains for businesses of all sizes. Every additional link in the supply chain, especially those which are automated, represents another opportunity for data to be compromised. The VeroGuard platform secures each step of the process with non-repudiable identity verification and securely links IoT, business and humans. Moreover, it provides reliable and efficient digital infrastructure that converges multiple functions such as security, identity and payments. This helps to manage existing IT complexity and lower risk as well as increasing the speed of cashflow between suppliers. Defence The unique VeroGuard platform can build capability and a defence level security posture for the Industry. Deployment of VeroGuard’s solution would provide a response to the barriers faced by the defence industry’s contractors, immediately lift industry capability and position them to win and service defence business and improve security throughout the ecosystem. VeroGuard delivers an HSM based secure access platform for all industry members and Defence itself to engage and share resources. In combination with universal, unified HSM based digital identity management and the most secure cloud storage available in the world, VeroGuard can help to build a trusted defence industry ecosystem. Ready to get VeroGuard? Take control of your online and digital operations and experience the confidence of absolute protection from identity fraud. Eliminate the danger of data breaches and minimise expenditure with unique identity management solutions, remote login options and industry leading security for data at rest. A single, unified system can achieve all this and more without the need for expensive infrastructure. There's no reason to leave your assets unprotected - the time to act is now.. Prefer to keep your privacy? Call us and see how we can work together +61 (03) 9558 3090

​VeroGuard Systems, in conjunction with Data61, is proud to introduce the most secure cloud storage solution ever conceived. VeroVault provides a level of data protection significantly higher than previously possible in the cloud. For Government A unified, universal digital identity platform for Government departments accelerates the ability to bring services online for citizens, secures data and improves administrational procedure. Click below to discover how VeroGuard can help to streamline your Government department. Find Out More Find Out More For Corporate Industry leading ID management solutions, secure remote login options for staff and the ability to store your organisation’s data assets with confidence. A single, unified system to achieve all this and more. Unique Online Data Storage Here’s how it works. First, the end user is verified and logs in using a PIN on their VeroCard, leveraging the power of indisputable verification to protect the data at the source. The data is encrypted using the physical Hardware Security Module in the VeroCard, ensuring that the data is protected in transit. The encrypted packets of data are then split and stored across a vast array of multiple VeroVault servers, a process not unlike Redundant Array of Independent Disks (RAID). Absolute Online Data Protection VeroVault was designed on the principle that data must be protected at every stage of communication. Protecting data while at rest in the cloud alone is simply not good enough. Utilising a combination of indisputable ID verification, hardware encryption and multi-server data splitting, our proprietary solution directly addresses critical security concerns at all three stages of online communication. VeroVault provides much more than just protection for data at the source, it also takes measures to protect the data while it’s in transit and at rest. Get VeroGuard Other Products VeroCard VeroMod VeroVault VeroVault VeroGuard Systems, in conjunction with Data61, is proud to introduce the most secure cloud storage solution ever conceived. VeroVault provides a level of data protection significantly higher than previously possible in the cloud. Products Solution: Data Protection