
USB flash drive and security - How to protect the contents of a USB
stick

A USB flash drive (USB stick) is very useful when data needs to be
transported from one place to another. A USB flash drive is lightweight
and small in size and can for example be stored in a pocket or in a
wallet. You can also store large amounts of data on USB flash drives, in
some sticks up to 64 GB, so if you need to transport lots of data, using a USB stick can be very convenient.
Security risks
USB flash drives are useful, but there are some security risks to
consider when carrying a USB flash drive – it can be lost or stolen.
This is really of great concern if the drive contains sensitive
information, for example financial information, business plans, source
code for software, employee data, technical drawings etc. To prevent
that the information may end up in the wrong hands there are USB flash
drives available that can protect the data that is stored on the drive.
The data will be stored encrypted and nobody can access the data without
correct password, pin code, fingerprint or other authentication information.
Examples of USB flash drives (USB sticks) that can protect
data
Below we will give some examples of USB flash drives where security has
been in focus when they were constructed. They use all a hardware based
system to protect the contents of the drive.
Sandisk Cruzer Professional
- USB flash drive
Sandisk Cruzer Professional uses a hardware based encryption system to
encrypt data, and sensitive information is stored in a special
password-protected partition on the USB flash drive. Less sensitive
information can be stored in a public area for easy access and sharing.
Strong 256-bit AES encryption is used to protect the data. Up to 8 GB
can be stored on the USB stick.
More information
Cruzer Professional - USB Flash Drive for Businesses |
Corsair Flash Padlock 2
- USB flash drive
Corsair Flash Padlock 2 uses a built-in 256-bit hardware AES encryption
to protect data, and a 4-10 digit PIN code must be entered (directly on
the USB stick) before data can be accessed. A ruggedized rubber cover
protects the USB stick from accidental physical damage. Up to 16 GB can
be stored on the USB stick.
More information
Corsair Flash Padlock 2 - USB Flash
Drive
|
Kingston DataTraveler 5000
- USB flash drive
Kingston DataTraveler 5000 is a
FIPS 140-2 level 2 certified USB flash
drive that
uses a hardware-based 256-bit AES encryption (in XTS mode) to protect data,
which gives a very high level of
security. The encryption functions in DataTraveler have been developed by
Spyrus - a company that also makes secure USB flash drives. One of
the customers to Spyrus is US Army, which has very high demands on
security. You can read more about the Kingston and Spyrus co-operation
here.
Up to 16 GB can be stored on this USB stick.
More information
Kingston DataTraveler 5000
- USB Flash Drive
|
IronKey
Enterprise S200
- USB flash drive
IronKey Enterprise S200
is a
FIPS 140-2 level 3 certified USB flash drive, which will give a
very high degree of security. IronKey Enterprise protects data using
strong AES 256-bit hardware encryption, and a cloud-based system, named
IronKey Enterprise Management Service, gives administrators full control
of deployed USB flash drives over the Internet. An administrator can
remotely disable devices and erase data if needed. IronKey Enterprise
has also an active anti-malware protection built-in. Up to 16 GB can
be stored on this USB stick.
More information
IronKey Enterprise - USB Flash Drive
|
There are more
USB flash drives available on the market that can protect data.
For example Kingston has also a USB stick (Kingston DataTraveler 6000)
that is FIPS 140-2 level 3 certified. And there are also USB
sticks with less security,
and that uses software to protect data instead, like
SanDisk Cruzer Switch.
The FIPS 140-2 Standard
FIPS 140-2, that is mentioned in
the text above, is a computer security
standard that is used to accredit cryptographic modules. The
FIPS 140-2 standard was created by NIST (National Institute of
Standards Technology) and it specifies 4 different security
levels:
Security level 1
This is the lowest level of security. At least one approved
algorithm or approved security function must be used but no
physical security mechanism is required beyond the basic
requirement for production-grade components.
Security level 2
This is the second lowest level and it requires that it is
impossible to open, or tampering with, the physical device
without leaving traces.
Security level 3
Security level 3 requires that the device detects when
somebody tries to open it and tries to protect the information
in different ways.
Security level 4
This is the highest level of security and
requires that all sensitive information (like cryptographic keys
and authentication data) are immediately destroyed if an
intruder tries to open the device or tries to get access to it in other
way.
More information about FIPS
140-2 is available
in this
Wikipedia article. |
Software
protection and encryption
There are
software security systems that can protect information without being
dependent of hardware or depended of a specific USB stick manufacturer.
The software solutions are in some cases less secure than hardware solutions, but mostly
the security level they provide is enough for common use. One of the
biggest advantages of using a software solution is that it is much cheaper.
Secure hardware solutions are often quite expensive, so if you need to
buy large quantities of USB sticks it will cost a lot if you choose USB
sticks with hardware protection.
One example of a software solution is our tool
SamLogic CD-Menu Creator that despite of its name also can
be used with USB flash drives, and can be used to protect data on
a drive. The tool has built-in functions for encryption and
password handling, and these functions can be used to protect
documents, pictures, drawings, videos etc. The security
functions in CD-Menu Creator can prevent
unauthorized access of files, if for example the USB stick is lost or
stolen. All sensitive files are stored encrypted on the USB
flash drive.
BitLocker To Go in
Windows 7 can also protect a USB flash drive
BitLocker To Go is a new feature in Windows 7 that can be used to encrypt data on
a USB flash drive.
When you connect the USB drive to a computer with Windows 7
installed, you are prompted for a password, and you must
enter the correct password to unlock the drive and access the contents.
It is also possible to access the contents from Windows Vista and
Windows XP, if you run special program named BitLocker To Go Reader that
is distributed with the USB flash drive (it is installed automatically
on the drive by Windows 7). But one difference, compared to Windows 7,
is that you can only view files and copy them, but you cannot write any
contents back. The USB flash drive will be read-only.
Do you want to read more articles
and tips?
If you want to read
more articles and tips about USB flash drives and related topics you can
follow us on
Facebook or
Twitter, or subscribe on our
newsletter. You can also read our
blog. |
|
|
Related products:
SamLogic CD-Menu
Creator
SamLogic USB
AutoRun Creator
Other articles
More articles are available from the article index page.
|
Protect Your
USB Stick
A software solution that can
protect files on USB flash drives.
>
Read More Here |
|