Why Hardware-Encrypted USB Drives Are the Best Option for Regulatory Compliance in 2022

  • By Richard Kanadjian
  • Feb 07, 2022

Many governments and industries worldwide have mandated that various forms of personal data be protected by encryption while at rest or in transit. A few examples of commonly known regulations are HIPAA in health care, GDPR in the European Union, the California Consumer Privacy Act (CCPA), and Payment Card Industry Data Security Standard (PCI DSS). Non-compliance to a single regulation can lead to heavy-duty fines and loss of corporate reputation, loss of business, and legal implications.

Many individuals in charge of companies' IT departments or security issues deal with strained budgets. As a result, they are moving to software encryption, which can offer the exact same encryption capabilities – such as AES-256 XTS – as do more expensive hardware-encrypted USB drives, for compliance purposes, unaware of the dark side of software encryption: it is not compliant with regulations.

The issue is that users can easily remove the software-encryption feature from their USB drives. The primary reason they do so is for access to the files without use of a password, or they forgot the password but needed to use the drive. In the 15 seconds, it takes to do that, all stored encrypted files are removed, and the drive is ready for users to copy new files to the drive for easy – albeit unencrypted – access. Hence, software encryption is considered removable encryption.

How do hardware-encrypted USB drives meet an organization's needs for regulatory compliance? Read on.

1. Hardware encrypted USB drives have encryption that is always ON

There is no way for users to turn off encryption, reset the password rules (minimum length, complexity, etc.), and disable the automatic password retries.

Unlike software encryption, which does not prevent repeated password guessing through software dictionary attacks, hardware-encryption limits password retries to 10 times or fewer – and wipes out the data when the wrong passwords are entered ten times in a row. This is very secure in the age of supercomputers.

2. Hardware-encrypted drives use premium encryption controllers and incorporate many security features

While manufacturers, such as Kingston, don't always disclose all security countermeasures, there is a countermeasure to protect against BadUSB that we can discuss. At the factory, when the firmware is loaded on hardware-encrypted drives only, the firmware is digitally signed and loaded. This means that when these encrypted USBs are plugged in, the encryption controller first checks the integrity of the firmware through the digital signature and only loads it if it passes. Any attempt to replace the firmware will brick the drive, becoming non-functional.

3. Hardware encrypted USB drives can have custom Product IDs (PIDs) set up for a specific company

These premium drives can have a digital identifier programmed into them so that if a drive is plugged into the company's inner or outer firewall, the drive can be identified as a company-issued drive. For example, if an employee loses the company drive and buys the same model at retail, the newly purchased drive will not validate on the company network. This customization adds another layer of security to the use of USB drives.

4. Hardware-encrypted drives save money very quickly

The reduction and elimination of risks make the payback cycle very short. Plus, the peace of mind of knowing you are compliant and safe from the cost of being hacked, as well as the cost leveled at you for not being compliant, is worth something.

Hardware-Based Encryption...

  • Uses a dedicated processor, physically located on the encrypted drive
  • Processor contains a random number generators to generate an encryption key, which is unlocked by the user's password
  • Offers increased performance by off-loading encryption from the host system
  • Includes safeguard keys and critical security parameters within crypto-hardware
  • Authentication takes place on the hardware
  • It does not require any type of driver installation or software installation on the host PC
  • Protects against the most common attacks, such as cold-boot attacks, malicious code, brute force attacks

About the Author

Richard Kanadjian is the business manager of Kingston Technology’s Encrypted USB unit.

Featured

  • Cutting Retail Losses

    Retail is still a more complex and dynamic security vertical in modern society. Inherent challenges with in-store and distribution center operations are primarily due to constantly shifting consumer buying trends. Retailers must show daily flexibility to keep workers, meet sales goals and attract customers while maintaining safe and efficient operations. Retail is an intricate web of interconnected elements. Read Now

  • The Key to Wellbeing in the Office

    A few years ago, all we saw in the news was the ‘great resignation.’ Now we have another ‘great’ to deal with. According to CBRE, 2023 was the start of the ‘great return’ as office workers returned to their normal offices after working from home. The data shows that two-thirds of all U.S office buildings were more than 90% leased as of Q2 2023. Read Now

  • Failed Cybersecurity Controls Costing U.S. Businesses $30 Billion Yearly

    Panaseer recently released ControlWatch and the Continuous Controls Battle: Panaseer 2025 Security Leaders Report examining the cost of cybersecurity control failures and the impact of growing personal liability for security failings on security leaders. The report analyzes the findings of a survey of 400 security decision makers (SDMs) across the US and UK. It shows that security leaders feel under increasing pressure to provide assurances around cybersecurity, exposing them to greater personal risk – yet many lack the data and resources to accurately report and close cybersecurity gaps. Read Now

  • The Business Case for Video Analytics: Understanding the Real ROI

    For security professionals who may be hesitant to invest in video analytics, now's the time to reconsider. In a newly released Omdia report commissioned by BriefCam (now Milestone Systems), the research firm uncovered a compelling story: more than 85% of North American and European organizations that use video analytics achieve a return on investment within just one year. The study, which surveyed 140 end users across multiple industries, demonstrates that security technology is no longer just for security — it's a cross-organizational tool that delivers measurable business value far beyond traditional safety applications. Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3