Encrypted USB Drives

One of the most effective, cost-efficient cybersecurity solutions

The term “bad actor” once only referred to someone making a living in Tinsel Town. Now governments have used those words to describe rogue operators who carry out missions or perform actions with the intent to weaken or harm a country for the good of another. In no setting is the term more appropriate than in the realm of cybersecurity, where even the leastbad actor can do a world of hurt.

It is a given that in today’s computercentric, mobile lifestyle, everybody—and we do mean everybody—stores and transfers personal (i.e., financial/banking documents, health records, contact information of family members, vacation photos, and more) or work-related (i.e., company budgets, marketing plans, R&D documents, meeting minutes, personnel files, etc.) data. We all store and transfer data. Many of us use USB drives to do so.

With capacities ranging from 256MB to 2TB, their tremendous portability and exceptionally easy ability to be connected to various networks, USB drives have proven their value to literally millions of individuals, businesses, and government agencies. Most of these drives, however, are unencrypted, thus posing a major security risk. While they have revolutionized data storage and transport, their extreme portability has also introduced grave concerns.

They are very susceptible to being lost, breached, and misappropriated with the data on them then possibly shared with all of humanity. That leads to the possibility of critical, classified, sensitive data landing in the wrong hands, the hands of bad actors, if you will.

There is a very simple, cost-effective solution: an encrypted USB drive with strong password protection. Such drives are an essential pillar of a comprehensive data loss-prevention (DLP) strategy. If ever lost, stolen, or misplaced, the data cannot be accessed. Sure, the drive is gone, but the drive’s user will have the peace of mind knowing whatever information was on there remains safe and sound, locked away, untouchable.

Speaking of Trustworthy

Encryption is the most trustworthy means of protecting confidential or sensitive data. Encrypted USB drives combine the mobility advantages of using a USB while protecting the information on the drive. No mobile means is better at keeping confidential information confidential. Confidential information stays confidential.

Companies, such as Kingston Technology, have introduced a range of encrypted USB solutions. Encrypted USB drives are designed to protect the most sensitive data using the strictest security regulations and protocols and help transport data when it needs to move beyond an individual’s or company’s firewall securely and confidently.

Cost wise, encrypted USBs are not as expensive as you might think. In the encrypted vs. non-encrypted argument, consider the costs and consequences of a data breach, lost drive etc., against the low purchase price of a non-encrypted drive. The marginally higher investment in an encrypted drive is well worth it as it minimizes any threat and provides peace of mind. Data lost due to using non-encryption drives can also lead to legal issues (HIPPA, GDPR, etc.) and consequences. Paying a little more up-front for encrypted drives will cost exponentially less than risking a potential data breach and possible fines.

Now, that you have been sold, hopefully, on the importance of using encrypted USB drives as opposed to unencrypted drives for storing or transporting vital data, there is another important choice to make.

USB-drive encryption is performed either through the device’s hardware or software. Hardware-based encrypted USB drives are self-contained, don’t require a software element on the host computer, and are the most effective in combating everevolving cyber threats. Hardware-encrypted USB drives protect against the possibility of brute-force, sniffing, and memory hash attacks due to their security being self-contained inside the drive.

On the other hand, software-based encrypted drives share the computer’s resources with other programs and are only as safe as the computer they are plugged into. The encryption is not done on the USB drive at all. A software program runs on the computer to encrypt data and then store it on the USB drive. To read it back, a software program must again be run on the computer to decrypt the data. Because of this computer- based encryption process, the USB drives themselves are vulnerable.

The Best Defense

A hardware-centric/software-free encryption approach to data security is the best defense against data loss, as it eliminates the most commonly used attack routes. This same software-free method also provides comprehensive compatibility with most OS or embedded equipment possessing a USB port.

Top-of-the-line hardware-based encrypted USB drives, such as the Kingston IronKey, use Advanced Encryption Standard (AES) 256-bit encryption in the most secure XTS mode. Additionally, they are FIPS 140-2 Level 3 certified, meaning the U.S. Government has certified the drive for use by Federal government agencies for certain data classifications, with testing done by certified labs to verify the drive’s security. This certification supports the safeguard that anyone who finds such a drive is highly unlikely to access the information. Such drives generally require a complex password with three or four character sets and a minimum length to make it much harder to guess a password. There are even battery-powered keypad drives, which make it easy to unlock using a keypad code of eight to 15 digits.

Leading USB-drive manufacturers, such as Kingston, offer encrypted USB flash drive customization to create unique, indispensable drives, which is especially helpful to businesses and governmental agencies. Selected features available for customization purposes might include:

Device Serial Numbering: for asset tracking, external and internal serial record.

  • Custom Product Identification (PID): drive is uniquely identified by predetermined combination of vendor ID, product line USB PID, and device USB serial number.
  • Capacities: some USB drive manufacturers are capable of setting the capacity of the encrypted USB drive to any data restrictions a customer wants, for example: 1GB, 512GB, 96MB.
  • Dual Password Option: administrator sets the admin-level password for drive. If user-level password is lost, administrator can use admin password to unlock drive and reset user’s password.
  • Custom Logo/Marking Laser Etching: creates an unique look or presents vital information.
  • Custom Colors: different color casings helps class identification and fulfills other needs.
  • Profile Customization: creates a fully unique product. Specific security requirements can be addressed through custom profile changes, which allows companies to create a drive with personal settings and options.

Other Options

Another option available to businesses and government entities is giving system administrators control over drives deployed across the enterprise or agency’s reach. Available as a cloud-based or onpremises solution, it allows users to establish and secure a centralized workspace or storage command center, where they can easily deploy and manage devices.

Flexible role-based administration is an efficient and cost-effective way to protect data by administering usage and encryption policies, password restrictions, and more from a central console.

Drives in the field can be monitored with a powerful, flexible asset- tracking system, which ensures devices stay current with the latest software through a forced update feature.

Encrypted USB drives are powerful tools in closing security gaps and helping ensure security. And the need for that is something both Dad’s generation and today’s can agree on.

This article originally appeared in the July/August 2019 issue of Security Today.

Featured

  • Top 5 Cybersecurity Trends of 2023

    Top 5 Cybersecurity Trends for 2023

    Cybersecurity is a rapidly evolving field, and staying on top of the latest trends is essential for organizations looking to protect themselves from cyber threats. Read Now

  • See How Reddit Users Have Unlocked the Dark Side of ChatGPT

    See How Reddit Users Have Unlocked the Dark Side of ChatGPT

    In less than four months after its debut, ChatGPT continues to garner attention from users all around the world who have made use of the AI system that answers questions, creates computer code, and much more. Read Now

  • Enforcing Zero Trust in a Hybrid Work Environment

    Enforcing Zero Trust in a Hybrid Work Environment

    The effects of the pandemic have rippled across the business world like a meteor hitting a pond, creating a new plethora of challenges that incorporated into MBA curriculum for years to come. Read Now

  • First Responders Give NIST Their Communications Tech Wish Lists

    First Responders Give NIST Their Communications Tech Wish Lists

    Our first responders have spoken. An extensive research project conducted by experts at the National Institute of Standards and Technology (NIST) reveals what our country’s police, fire, emergency medical and 911 dispatch responders think about the communications technology they use on a regular basis and how they would like developers to improve it in the future. Read Now

Featured Cybersecurity

New Products

  • Tyco Kantech EntraPass security management software

    Tyco Kantech EntraPass security management software

    Johnson Controls, the global leader in smart, healthy and sustainable buildings, and architect of the Open Blue digital connected platforms, has released the newest version of the Tyco Kantech EntraPass security management software. 3

  • LiftMaster Garage Door Opener

    LiftMaster Garage Door Opener

    LiftMaster Transforms the Garage Door Opener Into a Sleek Smart Home Device That Does More Than Open and Close the Garage Door 3

  • Schlage RC reader controller

    Schlage RC Reader Controller

    This new innovative device combines the power of the Pure IP™ access control technology pioneered by ISONAS with Schlage’s intelligent hardware and credentials, delivering a comprehensive and cost-effective perimeter solution to customers. 3