Hardware encryption where you need it most

It’s often said that people are the weakest link in an organization’s data protection strategy. And if this is true, then one of the riskiest scenarios comes about when that data is on the move.

Various news reports over recent months have underlined the importance of safeguarding information stored on USB hard drives.

In October last year, the UK’s Heathrow Airport launched an “urgent” investigation after a man discovered a USB drive detailing the airport’s security and anti-terror measures.

The USB, which was found on a London street, was not encrypted or password protected and included maps showing the location of CCTV cameras, escape shafts, and security patrols.

Other recent incidents involving lost or stolen USB hard drives include leaked songs appearing on social media, healthcare patient records being compromised, and massive fines being handed down following the loss of customer data stored on removable devices.

Just last week, reports surfaced that IBM was prohibiting its employees from using removable storage devices at work, with the company citing the “possible financial and reputational damage” from misplaced or lost USBs as the key reason for the ban.

While the above incidents serve to highlight the many security issues brought about by removable storage devices, USB drives play a necessary – sometimes vital – role in day-to-day business operations.

So with this in mind, how do you ensure your data is protected when it’s off site?

For many, password protecting or encrypting your USB devices with software will be enough to provide peace of mind. But although this can be done for free using readily available tools, these methods may still leave some enterprises or individuals with security concerns.

In an effort to address this issue, UK-based iStorage has developed a range of hardware encrypted removable storage devices with in-built PIN authentication.

Hands-on review: datAshur Pro

With capacities ranging from 4GB to 64GB, dataAshur Pro is pegged as an “ultra-secure” USB flash drive.

While the device does everything you would expect from a removable USB drive (with rugged design and high-speed USB 3.0 data transfer), the standout feature is the on-board keyboard for authentication.

With this, users create a 7-15 digit PIN, which is used to unlock the device before it is plugged into a USB port. No password means no access to the data – and what’s more, the drive is intelligently programmed to protect against all forms of brute-force attacks.

Upon the 10th consecutive incorrect PIN entry, the drive assumes it is being attacked and will delete the encryption key and lock itself, rendering all data previously stored on the drive as lost forever. At this point the drive can be reset to factory default settings and redeployed.

Encrypted hardware is one thing, but what’s to stop an attacker from physically tampering with the device in an attempt to circumvent the hardware security protocols?

“The datAshur Pro is a sealed flash drive tested to FIPS 140-2 Level 3,” iStorage spokesperson Holli Cheung told The Daily Swig. “This is a government certification which means that if tampered with, the drive is covered in epoxy resin to prevent access to the components.

“Attempting to remove the epoxy will destroy the circuitry too. The advantage with our datAshur Pro is that you have to physically enter the PIN on the drive to be able to gain access to the data. There is no software, so the datAshur Pro cannot be remotely hacked.”

With data security high on the agenda for businesses of all sizes, it is perhaps unsurprising that iStorage is not the only hardware encrypted USB vendor on the market.

However, what sets datAshur Pro apart from the competition, according to Cheung, is that it is the only PIN authenticated hardware encrypted USB flash drive to undergo rigorous testing standards to achieve NATO Restricted status and feature on NATO’s product catalogue.