Data storage vendor Kingston recently warned customers of a flaw in several of its secure USB drives that could allow an attacker to access sensitive information.
Data storage vendor Kingston recently warned customers of a flaw in several of its secure USB drives that could allow an attacker to access sensitive information.According to the company, the flaw affects its DataTraveller BlackBox, DataTraveller Secure, and Elite Privacy USB drives. Kingston currently sells only the BlackBox, but resellers may still stock the latter two models -- and, of course, plenty of customers already own them.
The attack has not compromised any of the company's other secure drive models.
Origin Storage executive Andy Cordial observes that getting the word out to companies that own one of the compromised drives could be a problem:
"Although the Secure and Elite Privacy units are no longer on sale, there are a number of these secure USB drives in active use by public and private sector organisations - who's going to tell them their supposedly secure drives are hackable?", he said.
Because of these issues, he added, any organisation considering a secure method of storing, transporting and/or sharing data should select only those systems that use the most powerful encryption technology - and preferably with an additional layer of protection, such as a PIN / password system, on top of the encryption.
Full disclosure: Origin Storage is a competitor to Kingston that sells encrypted storage devices. I won't vouch for the company's products, but I will vouch for the quality of Mr. Cordial's advice. Buying secure storage based solely on its price tag, without scrutinizing the underlying encryption and other protective technologies, is a recipe for trouble -- especially at a time when government regulators are on the warpath against companies with sloppy data-security practices.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.