Encrypted USB Drives

One of the most effective, cost-efficient cybersecurity solutions

The term “bad actor” once only referred to someone making a living in Tinsel Town. Now governments have used those words to describe rogue operators who carry out missions or perform actions with the intent to weaken or harm a country for the good of another. In no setting is the term more appropriate than in the realm of cybersecurity, where even the leastbad actor can do a world of hurt.

It is a given that in today’s computercentric, mobile lifestyle, everybody—and we do mean everybody—stores and transfers personal (i.e., financial/banking documents, health records, contact information of family members, vacation photos, and more) or work-related (i.e., company budgets, marketing plans, R&D documents, meeting minutes, personnel files, etc.) data. We all store and transfer data. Many of us use USB drives to do so.

With capacities ranging from 256MB to 2TB, their tremendous portability and exceptionally easy ability to be connected to various networks, USB drives have proven their value to literally millions of individuals, businesses, and government agencies. Most of these drives, however, are unencrypted, thus posing a major security risk. While they have revolutionized data storage and transport, their extreme portability has also introduced grave concerns.

They are very susceptible to being lost, breached, and misappropriated with the data on them then possibly shared with all of humanity. That leads to the possibility of critical, classified, sensitive data landing in the wrong hands, the hands of bad actors, if you will.

There is a very simple, cost-effective solution: an encrypted USB drive with strong password protection. Such drives are an essential pillar of a comprehensive data loss-prevention (DLP) strategy. If ever lost, stolen, or misplaced, the data cannot be accessed. Sure, the drive is gone, but the drive’s user will have the peace of mind knowing whatever information was on there remains safe and sound, locked away, untouchable.

Speaking of Trustworthy

Encryption is the most trustworthy means of protecting confidential or sensitive data. Encrypted USB drives combine the mobility advantages of using a USB while protecting the information on the drive. No mobile means is better at keeping confidential information confidential. Confidential information stays confidential.

Companies, such as Kingston Technology, have introduced a range of encrypted USB solutions. Encrypted USB drives are designed to protect the most sensitive data using the strictest security regulations and protocols and help transport data when it needs to move beyond an individual’s or company’s firewall securely and confidently.

Cost wise, encrypted USBs are not as expensive as you might think. In the encrypted vs. non-encrypted argument, consider the costs and consequences of a data breach, lost drive etc., against the low purchase price of a non-encrypted drive. The marginally higher investment in an encrypted drive is well worth it as it minimizes any threat and provides peace of mind. Data lost due to using non-encryption drives can also lead to legal issues (HIPPA, GDPR, etc.) and consequences. Paying a little more up-front for encrypted drives will cost exponentially less than risking a potential data breach and possible fines.

Now, that you have been sold, hopefully, on the importance of using encrypted USB drives as opposed to unencrypted drives for storing or transporting vital data, there is another important choice to make.

USB-drive encryption is performed either through the device’s hardware or software. Hardware-based encrypted USB drives are self-contained, don’t require a software element on the host computer, and are the most effective in combating everevolving cyber threats. Hardware-encrypted USB drives protect against the possibility of brute-force, sniffing, and memory hash attacks due to their security being self-contained inside the drive.

On the other hand, software-based encrypted drives share the computer’s resources with other programs and are only as safe as the computer they are plugged into. The encryption is not done on the USB drive at all. A software program runs on the computer to encrypt data and then store it on the USB drive. To read it back, a software program must again be run on the computer to decrypt the data. Because of this computer- based encryption process, the USB drives themselves are vulnerable.

The Best Defense

A hardware-centric/software-free encryption approach to data security is the best defense against data loss, as it eliminates the most commonly used attack routes. This same software-free method also provides comprehensive compatibility with most OS or embedded equipment possessing a USB port.

Top-of-the-line hardware-based encrypted USB drives, such as the Kingston IronKey, use Advanced Encryption Standard (AES) 256-bit encryption in the most secure XTS mode. Additionally, they are FIPS 140-2 Level 3 certified, meaning the U.S. Government has certified the drive for use by Federal government agencies for certain data classifications, with testing done by certified labs to verify the drive’s security. This certification supports the safeguard that anyone who finds such a drive is highly unlikely to access the information. Such drives generally require a complex password with three or four character sets and a minimum length to make it much harder to guess a password. There are even battery-powered keypad drives, which make it easy to unlock using a keypad code of eight to 15 digits.

Leading USB-drive manufacturers, such as Kingston, offer encrypted USB flash drive customization to create unique, indispensable drives, which is especially helpful to businesses and governmental agencies. Selected features available for customization purposes might include:

Device Serial Numbering: for asset tracking, external and internal serial record.

  • Custom Product Identification (PID): drive is uniquely identified by predetermined combination of vendor ID, product line USB PID, and device USB serial number.
  • Capacities: some USB drive manufacturers are capable of setting the capacity of the encrypted USB drive to any data restrictions a customer wants, for example: 1GB, 512GB, 96MB.
  • Dual Password Option: administrator sets the admin-level password for drive. If user-level password is lost, administrator can use admin password to unlock drive and reset user’s password.
  • Custom Logo/Marking Laser Etching: creates an unique look or presents vital information.
  • Custom Colors: different color casings helps class identification and fulfills other needs.
  • Profile Customization: creates a fully unique product. Specific security requirements can be addressed through custom profile changes, which allows companies to create a drive with personal settings and options.

Other Options

Another option available to businesses and government entities is giving system administrators control over drives deployed across the enterprise or agency’s reach. Available as a cloud-based or onpremises solution, it allows users to establish and secure a centralized workspace or storage command center, where they can easily deploy and manage devices.

Flexible role-based administration is an efficient and cost-effective way to protect data by administering usage and encryption policies, password restrictions, and more from a central console.

Drives in the field can be monitored with a powerful, flexible asset- tracking system, which ensures devices stay current with the latest software through a forced update feature.

Encrypted USB drives are powerful tools in closing security gaps and helping ensure security. And the need for that is something both Dad’s generation and today’s can agree on.

This article originally appeared in the July/August 2019 issue of Security Today.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Featured Cybersecurity

Webinars

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3