Keep your important files mobile but safe with these USB thumb drives -- most under $100 -- from Kingston, SanDisk, Lexar, Imation, and more, which offer enhanced protection via encryption, biometrics, and self-destruct mechanisms.
Many people have already discovered the convenience of using USB thumb drives to shuttle information between home, office, vacation, and other locations. But with convenience comes risk. What can be done to ensure that enterprise data remains safe even if a drive is lost?
USB-drive vendors offer a wide range of "secure" devices, addressing the demand for a more secure sneakernet. Here are a few things to look for:
Authentication: Password, biometric, or both? If password, how long can the password be? How insistent is the software in enforcing strong passwords and rotating passwords? How many unsuccessful attempts can a user make to enter a password before the device erases itself?
Encryption: Does the device itself offer encryption, or does the password simply prevent the drive from being mounted through ordinary channels? How strong is the encryption? The current standard is AES 256-bit encryption, although some consumer-oriented devices still offer 128-bit.
Road-worthiness: Depending on your security needs, this may be either a feature or a failing. Some secure USB drives require the ability to run applications on the host computer. In locked-down computer labs and Internet cafés, these USB drives that depend on built-in software may not work at all.
We have selected 12 representative USB drives that illustrate the variety of choices in the marketplace. Remember that just because you're carrying a "secure" USB drive doesn't mean that when you plug it into a strange computer (or your own) that you're inoculated against worms, viruses, keystroke logging software, DRAM attacks, and other scary critters from the bestiary of information security. Be careful out there!
The Kingston DataTraveler Elite Privacy (DTEP) comes shipped with 100% encryption across the entire USB drive. Any files stored on the device will be automatically encrypted by the hardware; conversely, files copied onto a host computer will be decrypted.
Because the encryption doesn't require an application on the host PC, DTEP can be used at locations such as an Internet cafés, where there's no expectation of having Windows administrator access.
Upon using DTEP for the first time, the user is asked to create a password containing from six to 16 characters, with a sufficient number of mixed-case and special characters. After 10 incorrect password attempts the drive will no longer function without reformatting. Users can also enter contact information accessible from the logon screen.
Kanguru Bio AES
Storage Capacity: 1 Gbyte, 2 Gbytes, 4 Gbytes, or 8 Gbytes Casing: Standard Encryption: 256-bit AES encryption Special features: Fingerprint reader combined with password for two-factor authentication Speed: 10-Mbps read, 5-Mbps write Price: $80 / $100 / $130 / $180
The Windows-compatible Kanguru Bio AES includes a fingerprint reader as the second of two layers of authentication.
Upon connecting the device, the Kanguru BioLock application will prompt the user to enter a six-character password and a swiped fingerprint. Up to 10 fingers can be enrolled. While the manual recommends use of mixed-case characters, numbers, and symbols, the software does not enforce these recommendations.
Once connected, BioLock aims to be your replacement for Windows Explorer. While it's possible to drag-and-drop to the Bio AES, users are strongly encouraged to use the BioLock interface to move files, so as to more efficiently perform encrypt/decrypt functions.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.