Computerworld - IronKey compares its Secure Flash Drive to an iPod, saying it's a hardware, software and online service all rolled into one product. I don't know about the iPod comparison, but from a security standpoint, this flash drive is impressive. The IronKey Cryptochip uses government-approved AES CBC-mode 128-bit encryption at the firmware level -- meaning you can't open the case, remove the chip and access the data.
We tested the 4GB model. The drive comes in a sleek, stainless-steel, waterproof case that feels sturdy and quite heavy compared to other USB drives I've used. Security-wise, what I liked right off the bat about this drive is that the case cannot be pried open because there are simply no seams. I like the size of this drive as well. I'm not a big fan of mini-USB flash drives for the simple fact that they're too easily lost (I know this from experience). This drive is the size of a thin pack of gum -- perfect.
The first thing the IronKey drive asked me after I plugged it into my laptop's USB port was to set up my username and password and configure a secure Web browser, which takes about two minutes. (There is little about setting up this device that is fast, including read/writes, but keep in mind that you're sacrificing speed for security.) To use the IronKey flash drive, you need to activate an online account. This is a necessary step to enable certain services -- such as online password backup, device and software updates -- and to access IronKey's encrypted Web-surfing service, which uses Mozilla's Firefox.
Besides creating an online username and password, you'll be asked to supply answers to three supplemental authentication questions that will verify your identity in case you ever lose your username or password. Failing to answer the questions accurately will lock you out of your account permanently.
After filling out your supplemental authentication questionnaire, IronKey then asks you to choose a photo from a group of antiphishing/antipharming protection images so that every time you log into your online account, the images appear and you can be assured it's IronKey and not a counterfeit site. But you're not done yet. Now you must also create a security phrase consisting of letters and numbers, which will also be used to authenticate your identity when you log into the site. Finally (and believe me, I was happy to know this was the last step), the company e-mails you an activation code that you must enter in a window to complete your online setup. The company does allow you to change personal security information at anytime by accessing account settings.
Free Insider GuideCopyright © 1994 - 2013 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
