If you're physically transporting data you don't
want other people to see, you should be doing it on secure media. And what
better than something that hides easily within a pocket? Secure flash drives
that are only about the size of a small cigarette lighter feature robust
hardware security to make them super secure. You'll pay a premium for the
integrated security, but you can't put a price on the peace of mind you get by
knowing that your data is locked down. To get the skinny on the
state-of-the-art in secure flash drives, we took five hardware-encrypted drives
for test spins. The results? As far as security is concerned, it's all systems
go. Three of the units--the Kingston DataTraveler
4000 Managed, the Kanguru Defender 2000, and the CMS CE-Secure Vault FIPS--are
certified to Level 2 of the government's FIPS 140-2 security standard. The Imation Defender F200 ratchets that up
to Level 3. The Apricorn Aegis Secure
Key is being processed for Level 3
certification, though it is not yet certified. Those last two drives add a bit
of panache and intrigue to what otherwise appear outwardly to be garden-variety
flash drives. Imation's Defender F200 has an integrated fingerprint scanner,
while Apricorn's Aegis Secure Key has a PIN-entry keypad. The Defender F200 and
the Aegis Secure Key share an advantage beyond their hint of spy drama--they're
operating-system and device agnostic. The other three drives in our roundup use
client software interfaces to manage access to their data. This limits their
use to Windows, OS X, and, in the case of the Kanguru Defender 2000, Linux.
After you unlock the Defender F200 or the Aegis Secure Key with their hardware
mechanisms, you can use them just as you would a normal USB flash drive. That
means TVs, digital media adapters, printers, tablets, and laptops are all fair
game.
Not in the Fast Lane
Unfortunately, current secure flash drive
performance doesn't match security, largely because they're mired in the USB
2.0 past. In fact, none of the manufacturers reviewed here expect to release a
USB 3.0 model until at least late this year. The fastest drive in this roundup
tested nearly four times slower than two nonsecure USB 3.0 flash drives we
included for comparison. Performance isn't the main reason you buy a secure
flash drive, but you might want to stick with cheaper, smaller-capacity models
until the faster technology shows up. (And pray you never have to get out of
Dodge in a hurry.)
The Secure Advantage...
All the drives in this roundup use the 256-bit
AES hardware encryption required to achieve FIPS 140-2 Level 2 certification.
Though you can certainly secure your data with a normal USB flash drive and
encryption software such as the free TrueCrypt or EncryptStick, a chip is
harder to hack, and to reach it means actually tampering with the drive, which
is easy to detect. FIPS 140-2 (Federal Information Processing Standard,
Publication 140-2), referred to above, is the government’s take on methods for
securing data. It’s not a technology, but rather a definition of what security
mechanisms should do. There are four FIPS 140-2 levels. Level 1 involves using
an approved encryption algorithm (such as AES 256). With Level 2, the
encryption is supplemented by a means to reveal tampering. Level 3 adds
protection for the encrypting mechanisms and algorithms themselves. And with
Level 4, you add physically daunting packaging and fry the data and decrypting
mechanisms if a breach occurs.
...and Manageability
On the software front, an increasingly common
theme for secure flash drives is manageability. Most useful with fleets of
drives, manageability means that the drive's status and security
characteristics may be modified by an administrator--locally, or remotely
across a network or the Web. Using a server console such as BlockMaster’s
SafeConsole or Imation’s ACCESS Server, your friendly IT guys-in-black can set
password strength, force password changes, track logins, and the like. They can
even set drives so that the data partition is hidden unless the unit is in
contact with a server. No less than four of the drives in our roundup are manageable
in this sense: the Defender 2000, the Defender F200, the CE-Secure Vault FIPS,
and the DataTraveler 4000 Managed. The latter is managed only (and available in
an unmanaged version, too), while the previous three may be also be used
unmanaged. The Imation Defender F200 took top honors with its combination of
biometrics, FIPS 140-2 Level 3 certification, and hint of élan, but it's a
mediocre performer. Kanguru's Defender 2000 offers top-notch security and speed
in spades (for a USB 2.0 drive), though the software is a bit immature. The CMS
CE-Secure Vault FIPS and the Kingston DataTraveler are also good USB 2.0
performers, are FIPS 140-2 Level 2-certified, and have good software. The
super-convenient Apricorn Aegis Secure Key would have scored higher if it had
not lost points for both its slow performance and its current lack of FIPS
140-2 certification. Below is our comparison chart of the five secure flash
drives covered in this roundup (click the chart to enlarge it, or view the Top Secure Flash Drives chart online).
No comments:
Post a Comment