Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Portable storage for the paranoid: We test two secure USB drives on keypad vs. software security

Jon L. Jacobi | March 20, 2015
Encrypted storage on a stick is expensive, so consider security method as well before you buy. We test examples of each approach.


Congratulations: You've decided your data is sensitive enough (or you're paranoid enough) to store it on a secure USB drive. Basically encrypted storage on a stick, these portable flash drives come with FIPS 140-2 level three validation, meaning the cryptographic module will be rendered inoperable if tampering is detected. It costs quite a bit to acquire validation, which is part of the reason for premium pricing of these drives.

Most people administer and unlock secure USB drives using software apps, which run on the host machines to interact with the drive. That's the approach taken by the KingstonData Traveler 4000 G2 (second generation) USB 3.0 thumb drive that's reviewed here.

The other method is to put a numeric keypad on the drive itself that lets the user to unlock it with a PIN. Apricorn's Aegis Secure Key 3.0 USB 3.0 thumb drive is a popular implementation of this less common method, and we've tested this device as well.

The upside to software is that it's cheaper to implement, and if done properly, extremely secure. But the vendor must also provide an app for every operating system the drive will encounter, and you're pretty much limited to desktops or laptops.

A keypad drive is hardware-agnostic. That is, once unlocked, you can use it with anything that recognizes USB mass storage--car stereos, media players, and Smart TVs, for example, as well as PCs and tablets. Few people need to access their sensitive data on anything other than a computer, but if you do, a secure flash drive with a keypad is the way to go.

If it weren't for the label and a slightly heftier feel, you couldn't tell the Data Traveler 4000 G2 from a non-secure USB thumb drive. The drive is divvied up into a 16MB portion that emulates a CD containing the installer for Windows, OS X, and Linux, and the data partition, which becomes available after you create and enter a password.

The software is simple, elegant and seems secure. However, I think it should have a secure virtual keyboard for entering data when you suspect or are worried that your keystrokes are being logged.

The Aegis Secure Key 3.0 is a bit larger than your normal flash thumb drive. That's to accommodate a usably sized keypad, which in this case consists of two columns of number keys (0-9), a lock button, an unlock button, and three status lights (red, green and blue).

The keypad runs off of a rechargeable battery when the drive is out of the USB port. This is a must--accessing the keypad when the drive is inserted into a USB port can be awkward or worse.


1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.