Encrypted USB Drives

One of the most effective, cost-efficient cybersecurity solutions

The term “bad actor” once only referred to someone making a living in Tinsel Town. Now governments have used those words to describe rogue operators who carry out missions or perform actions with the intent to weaken or harm a country for the good of another. In no setting is the term more appropriate than in the realm of cybersecurity, where even the leastbad actor can do a world of hurt.

It is a given that in today’s computercentric, mobile lifestyle, everybody—and we do mean everybody—stores and transfers personal (i.e., financial/banking documents, health records, contact information of family members, vacation photos, and more) or work-related (i.e., company budgets, marketing plans, R&D documents, meeting minutes, personnel files, etc.) data. We all store and transfer data. Many of us use USB drives to do so.

With capacities ranging from 256MB to 2TB, their tremendous portability and exceptionally easy ability to be connected to various networks, USB drives have proven their value to literally millions of individuals, businesses, and government agencies. Most of these drives, however, are unencrypted, thus posing a major security risk. While they have revolutionized data storage and transport, their extreme portability has also introduced grave concerns.

They are very susceptible to being lost, breached, and misappropriated with the data on them then possibly shared with all of humanity. That leads to the possibility of critical, classified, sensitive data landing in the wrong hands, the hands of bad actors, if you will.

There is a very simple, cost-effective solution: an encrypted USB drive with strong password protection. Such drives are an essential pillar of a comprehensive data loss-prevention (DLP) strategy. If ever lost, stolen, or misplaced, the data cannot be accessed. Sure, the drive is gone, but the drive’s user will have the peace of mind knowing whatever information was on there remains safe and sound, locked away, untouchable.

Speaking of Trustworthy

Encryption is the most trustworthy means of protecting confidential or sensitive data. Encrypted USB drives combine the mobility advantages of using a USB while protecting the information on the drive. No mobile means is better at keeping confidential information confidential. Confidential information stays confidential.

Companies, such as Kingston Technology, have introduced a range of encrypted USB solutions. Encrypted USB drives are designed to protect the most sensitive data using the strictest security regulations and protocols and help transport data when it needs to move beyond an individual’s or company’s firewall securely and confidently.

Cost wise, encrypted USBs are not as expensive as you might think. In the encrypted vs. non-encrypted argument, consider the costs and consequences of a data breach, lost drive etc., against the low purchase price of a non-encrypted drive. The marginally higher investment in an encrypted drive is well worth it as it minimizes any threat and provides peace of mind. Data lost due to using non-encryption drives can also lead to legal issues (HIPPA, GDPR, etc.) and consequences. Paying a little more up-front for encrypted drives will cost exponentially less than risking a potential data breach and possible fines.

Now, that you have been sold, hopefully, on the importance of using encrypted USB drives as opposed to unencrypted drives for storing or transporting vital data, there is another important choice to make.

USB-drive encryption is performed either through the device’s hardware or software. Hardware-based encrypted USB drives are self-contained, don’t require a software element on the host computer, and are the most effective in combating everevolving cyber threats. Hardware-encrypted USB drives protect against the possibility of brute-force, sniffing, and memory hash attacks due to their security being self-contained inside the drive.

On the other hand, software-based encrypted drives share the computer’s resources with other programs and are only as safe as the computer they are plugged into. The encryption is not done on the USB drive at all. A software program runs on the computer to encrypt data and then store it on the USB drive. To read it back, a software program must again be run on the computer to decrypt the data. Because of this computer- based encryption process, the USB drives themselves are vulnerable.

The Best Defense

A hardware-centric/software-free encryption approach to data security is the best defense against data loss, as it eliminates the most commonly used attack routes. This same software-free method also provides comprehensive compatibility with most OS or embedded equipment possessing a USB port.

Top-of-the-line hardware-based encrypted USB drives, such as the Kingston IronKey, use Advanced Encryption Standard (AES) 256-bit encryption in the most secure XTS mode. Additionally, they are FIPS 140-2 Level 3 certified, meaning the U.S. Government has certified the drive for use by Federal government agencies for certain data classifications, with testing done by certified labs to verify the drive’s security. This certification supports the safeguard that anyone who finds such a drive is highly unlikely to access the information. Such drives generally require a complex password with three or four character sets and a minimum length to make it much harder to guess a password. There are even battery-powered keypad drives, which make it easy to unlock using a keypad code of eight to 15 digits.

Leading USB-drive manufacturers, such as Kingston, offer encrypted USB flash drive customization to create unique, indispensable drives, which is especially helpful to businesses and governmental agencies. Selected features available for customization purposes might include:

Device Serial Numbering: for asset tracking, external and internal serial record.

  • Custom Product Identification (PID): drive is uniquely identified by predetermined combination of vendor ID, product line USB PID, and device USB serial number.
  • Capacities: some USB drive manufacturers are capable of setting the capacity of the encrypted USB drive to any data restrictions a customer wants, for example: 1GB, 512GB, 96MB.
  • Dual Password Option: administrator sets the admin-level password for drive. If user-level password is lost, administrator can use admin password to unlock drive and reset user’s password.
  • Custom Logo/Marking Laser Etching: creates an unique look or presents vital information.
  • Custom Colors: different color casings helps class identification and fulfills other needs.
  • Profile Customization: creates a fully unique product. Specific security requirements can be addressed through custom profile changes, which allows companies to create a drive with personal settings and options.

Other Options

Another option available to businesses and government entities is giving system administrators control over drives deployed across the enterprise or agency’s reach. Available as a cloud-based or onpremises solution, it allows users to establish and secure a centralized workspace or storage command center, where they can easily deploy and manage devices.

Flexible role-based administration is an efficient and cost-effective way to protect data by administering usage and encryption policies, password restrictions, and more from a central console.

Drives in the field can be monitored with a powerful, flexible asset- tracking system, which ensures devices stay current with the latest software through a forced update feature.

Encrypted USB drives are powerful tools in closing security gaps and helping ensure security. And the need for that is something both Dad’s generation and today’s can agree on.

This article originally appeared in the July/August 2019 issue of Security Today.

Featured

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services
  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

  • Report: Nearly 1 in 5 Healthcare Leaders Say Cyberattacks Have Impacted Patient Care

    Omega Systems, a provider of managed IT and security services, today released new research that reveals the growing impact of cybersecurity challenges on leading healthcare organizations and patient safety. According to the 2025 Healthcare IT Landscape Report, 19% of healthcare leaders say a cyberattack has already disrupted patient care, and more than half (52%) believe a fatal cyber-related incident is inevitable within the next five years. Read Now

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.