Technology Advisor

How Secure is Your USB Drive?

07-28-2009 08:52 AM

Did you hear the recent news story about how identity thieves don't even need your social security number anymore? By using other information about you with which you haven't been as careful, they can employ formulas to guess your SSN with a frighteningly high success rate. It's just more proof that we need to keep an even tighter grip on personal details. But if you carry a USB flash drive around on your keychain, it probably contains at least some confidential information. That's why you were sure to password-protect it, right? Passwords are good, but they won't stop even a moderately skilled evil-doer.

I recently visited with the owner of a local accounting and financial planning firm who told me about IronKey. He raved about it and told me it allows him the convenience of moving Peachtree backup files between his office and his clients' sites without the fear of security vulnerabilities.

IronKey is a slick device that, if nothing else, will give you a little James Bond cachet. It's a USB drive housed in a rugged waterproof metal case. The technical innards are encased in an epoxy-based potting compound (goo) that makes it tamperproof. It uses military-grade AES hardware encryption to keep files secure, and encryption keys are stored on its "Cryptochip." If the device detects a physical attack, the Cryptochip will self-destruct to destroy the encryption keys (Mission Impossible smoke not included).

It includes software for securely managing your passwords and for creating automatic secure backups. It can also run compatible portable software applications and comes with a portable version of Firefox installed. This allows you to use your IronKey at public computers without leaving a trace.

The Enterprise version of IronKey includes online tools for managing password policies, self-destruct sensitivity, and user audit trails. And here's the really cool part: if a former employee or someone else with a valid password has access to one of your IronKeys, you can remotely deny access, delete files, and even destroy the device.

You'll pay a premium for all this security. A 4GB model of the personal version goes for $149, or about $130 more than you'd pay for a standard 4GB drive. Of course, like any insurance, that could turn out to be money very well spent.

Image credit: IronKey.com

Kudos!

Thanks!

All Users' Tags:

Comments

Comments (1 - 1)

09-02-2009 06:17 PM

By KevinF

KevinF

Hi Mike

I use an IronKey and have for a few years, they are great, I highly recommend them. But as you noted they are expensive and into today's economy many people are looking for ways to increase security but on a budget. An option that I have recommended to friends and family is to use a free open source encryption tool called TrueCrypt (http://www.truecrypt.org/) with a normal USB pen drive.

While it is a little more complicated to setup and use than an IronKey, its free and you can put it on virtually any USB drive. They have a pretty good Beginners Tutorial in their Documentation, that should get most users on their way. TrueCrypt also has some really nice advanced options that are not available with the IronKey, that might be beneficial to more tech savvy users. And if users want to add Firefox or other portable apps to the drive they can use applications from http://www.pendriveapps.com/ or http://portableapps.com/

TrueCrypt can also be put on portable hard drives that users often use to backup laptops that only require a USB port and no extra power cables, this gives you much larger capacity over traditional USB pen drives.

There are some portable drives available that have similar functionality to the IronKey. Seagate has one called "BlackArmor PS110" that holds 500Gigs. http://www.seagate.com/www/en-us/products/external/blackarmor/blackarmor_ps_110/ costs about $159.99.

Permalink

Kudos!

Thanks!

Post a Comment

Name

E-Mail (your e-mail will not be shown)

<blockquote><hr>MikeS wrote: Did you hear the <a href="http://www.informationweek.com/news/security/privacy/showArticle.jhtml?articleID=218400854" target="_blank">recent news story</a> about how identity thieves don't even need your social security number anymore? By using other information about you with which you haven't been as careful, they can employ formulas to guess your SSN with a frighteningly high success rate. It's just more proof that we need to keep an even tighter grip on personal details. But if you carry a USB flash drive around on your keychain, it probably contains at least some confidential information. That's why you were sure to password-protect it, right? Passwords are good, but they won't stop even a moderately skilled evil-doer. I recently visited with the owner of a local accounting and financial planning firm who told me about <a href="http://www.ironkey.com" target="_blank">IronKey</a>. He raved about it and told me it allows him the convenience of moving Peachtree backup files between his office and his clients' sites without the fear of security vulnerabilities. <table border="0" cellspacing="0" cellpadding="0" width="100%" align="left"><tbody><tr valign="top"><td width="80%">IronKey is a slick device that, if nothing else, will give you a little James Bond cachet. It's a USB drive housed in a rugged waterproof metal case. The technical innards are encased in an epoxy-based potting compound (goo) that makes it tamperproof. It uses military-grade AES hardware encryption to keep files secure, and encryption keys are stored on its "Cryptochip." If the device detects a physical attack, the Cryptochip will self-destruct to destroy the encryption keys (Mission Impossible smoke not included). It includes software for securely managing your passwords and for creating automatic secure backups. It can also run compatible portable software applications and comes with a portable version of Firefox installed. This allows you to use your IronKey at public computers without leaving a trace. The Enterprise version of IronKey includes online tools for managing password policies, self-destruct sensitivity, and user audit trails. And here's the really cool part: if a former employee or someone else with a valid password has access to one of your IronKeys, you can remotely deny access, delete files, and even destroy the device. You'll pay a premium for all this security. A 4GB model of the personal version goes for $149, or about $130 more than you'd pay for a standard 4GB drive. Of course, like any insurance, that could turn out to be money very well spent.</td><td> </td><td align="center"><img src="https://www.ironkey.com/images/products/ironkey.png" border="0" width="50" height="239" />Image credit: IronKey.com</td></tr></tbody></table><hr></blockquote>

Automatically convert carriage returns to HTML line breaks

Word verification by reCAPTCHA

Type the characters you see in the picture above: Type the numbers you hear:

About Technology Advisor

Find resources and information about technology products and services you may not have known exist. This is where you'll find reviews, news, and notes from Sage Software experts and special guest contributors.

Labels

User	Tags
MikeS	19
Doug	3
Bill_Coleman	3
mobill	3
ShariW	2