resource center
  See your link here
|
Computerworld - USB flash drives are very small, very portable, very convenient -- and very easy to lose. In fact, the question to ask these days isn't how to avoid losing your flash drive, but how to make sure your data is safe when you do. As a result, Computerworld decided it was time to look at seven USB flash drives that are outfitted with security features to keep your data safe.
We did what most IT managers and users would do and asked some of the top vendors for their most secure USB flash drives. All but one of these products use some form of the Advanced Encryption Standard (AES) encryption, either 128-bit or 256-bit (according to experts, there's not much of a difference between 128-bit and 256-bit levels of AES encryption for ordinary purposes, as neither has yet been broken).
There was some variation in the implementation of the encryption on these drives -- some use AES keys derived from a user's password, while others use encryption keys generated by a hardware-based random number generator. (For more information, see our sidebar About Encryption.)
Our three reviewers -- Bill O'Brien, Rich Ericson and Lucas Mearian -- did not test the encryption algorithms themselves (that's a subject for another article), but did test the drives' performance, I/O rates, and CPU utilization. The reviewers also looked at the drives' security features, price, ease of installation, and ease of use.
Each device was tested for speed using Simpli Software's Hd Tach 3.0. Interestingly, the reviewers came up with a wider range of performance numbers than anyone actually expected.
In fact, this turned out to be a very diverse group of drives with features ranging from secure and unsecure data partitioning, to waterproof, stainless-steel cases, to support for passwords of up to 99 characters. In every instance, there are different levels of ingenuity that went into the creation of these handy, very mobile devices, even if the level of protection varies.
This is by no means the definitive list of all the drives available -- only some from the largest vendors and the most highly advertised. There are many types of secure USB drives out there, including those using fingerprint scanning technology (we'll visit those in a later review).
In choosing a secure USB flash drive, you may have to first decide the relative importance of security, price, and speed, and compromise among those three factors. But in the end, we found that one drive stands out above the others.
AES is the successor to the older DES (Data Encryption Standard) and is used by the U.S. government for encrypting secret-level and top-secret-level documents, using the 128-bit and 256-bit strengths respectively.
But it's not enough to offer AES encryption; much depends on how the encryption is deployed. In part, that's because users don't always want to use passwords as long as needed for effective key generation. If a user chooses a password with fewer characters than would make a 128-bit or 256-bit key (one character = 8 bits, so we're talking about passwords of 16 or 32 characters, respectively), the remaining characters often automatically become zeros. That means that the password can more easily be guessed, according to Charles Kolodgy, research director for secure content and threat management products at IDC.
Kolodgy recommends a passphrase versus a password. "The first step is to take care of 90% of the users out there," Kolodgy says. After that, the best solution is to have a random password character generator on the drive.
Some vendors claim there are differences between software-based and hardware-based encryption; according to Kolodgy, that's not hype. In software-based encryption, the keys are placed in the device's memory, so a hacker will know where to look for the keys by their unique format and can target those keys for a brute-force attack, Kolodgy says. In hardware-based encryption, the key never leaves the hardware device, thus you can't access them by simply looking at the device's memory.
But there's only so much due diligence you can do on this front. In the end, there is no way to tell whether a vendor's security is foolproof "apart from a $50,000 or $100,000 engineering effort," says security technologist and author Bruce Schneier in his essay on password security.
As an IT manager, you may even be best off rolling your own. Schneier says he generally purchases inexpensive drives and then encrypts the data on them using PGPDisk encryption software, but you will need to have PGP's Desktop product installed on your computer.
Is Collaboration the buzz word of 2010 or buzzkill?
Read this whitepaper today!
Data in Action: Making the Planet Smarter
Register Now
A Survival Guide For Portable Data Storage in a Unsecure World
Read this whitepaper today!
7 Ways to Optimize VMware Server Virtualization
Download This Whitepaper Now!
The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.
IT Consolidation and Disaster Recovery- Simply, Cost-effectively, and Simultaneously
Download this complimentary white paper! Provided by 3PAR.
Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!
Oracle Accelerate - Not Just Smart but Timely
Download Now!
Manager Experience Demo
Go beyond self-service solutions to perform more effectively. Watch Now.
Sign up to receive updates on the latest Storage resources
Business Continuity ZoneAn organization's business continuity plan helps keep critical functions running during an emergency–the power fails, a virus is unleashed on your network, a natural disaster has occurred. Even the slightest downtime or loss of data can cripple your operation. CDW can help you prevent disaster by implementing a well-planned recovery strategy. Click here to visit the Zone See All Zones 
|
 |
 | Storage Economics: Understanding Tiered Storage Solutions Storage Economics is a suite of methodologies, tools, and services that help customers identify the total cost of storage ownership and provide a tiered storage solution to reduce ongoing costs. Understand the benefits of implementing a tiered storage architecture which include improving storage capacities and easing the access demands to any single storage tier. Learn more. Download this white paper  | Strategies for an Increasingly Cost-Conscious Data Storage World Whatever word you use, we can all agree that the global economy continues to face challenging times. Yet, the essential challenge remains the same: IT demands continue to increase but the resources to address such challenges are being flattened or cut. However, we truly have an opportunity here to do more with less and focus on efficiency. Hitachi can help. Learn more.Download this white paper | Four Principles to Reduce TCO Yes, good news! The good news is that there are proven strategic investments available today for storage infrastructure cost reduction. Smart organizations will follow the principles of Storage Economics to evaluate them not just for their technical prowess but also for how well they can support business performance and particularly efforts to economize. Learn more. Download this white paper |
CIO
Computerworld
CSO
DEMO
GamePro
Games.net
IDC
IDG
IDG Connect
IDG Knowledge Hub
IDG TechNetwork
IDG Ventures
IDG.net
InfoWorld
ITwhitepapers
ITworld
JavaWorld
LinuxWorld
Macworld
Network World
PC World
The Industry Standard
Copyright © 1994 - 2010 Computerworld Inc. All
rights reserved. Reproduction in whole or in part in any form or medium
without express written permission ofComputerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc. |
