Recommended Secure USB Storage
I have a love-hate relationship with portable hard drives and memory sticks. On one hand, I use them daily. It makes little sense to me to carry a whole computer when all I really need is data. On the other hand, I encrypt my laptop hard drive, and the thought of losing a small device with a lot of personal or client data on it makes me quite uncomfortable.
There are a number of approaches to securing data on portable media. For example, the incredibly popular open source software TrueCrypt allows the creation of encrypted containers that can be stored on any type of media. However, in my experience solutions that require users to choose to secure their data seldom work well in a corporate environment. In summary, there are three solutions I feel comfortable recommending.
LOK-IT is a secure flash drive with a built-in PIN pad. Once the PIN is set, you simply enter it and the plug the device in. The device is simple and effective, and since there is only one volume – a secured one – there is no security decision for the user to make. Every file stored on it is protected. I’ve tested a LOK-IT for a few months and it has quickly become my favourite pocket-size data carrier. LOK-IT is available in Canada from Solantus Inc. (email@example.com) in capacities up to 16 GB.
For larger bulk storage, I have also become a fan of the Aegis Padlock Drive from Apricorn (www.apricorn.com). The Aegis is a portable USB hard drive with a built-in numeric key pad for entering a PIN. I’ve been using a 640 GB USB 2.0 version for some time, and the company has recently released a USB 3.0 version in 250 GB, 500 GB, and 1TB sizes. The product can be purchased with 128-bit AES or 256-bit AES for about $10 more. (I recommend AES 256 to my clients). Apricorn also recently released a flash drive format, but I haven’t had the opportunity to test one yet.
Finally, for corporate use, there’s the Stealth MXP line of products from Imation (www.imation.com), formerly MXI Security. They form factors have changed significantly since I tested them, but the fingerprint authentication means no lost password by users. They also offer management software to allow corporation clients to control access to their devices. While I’m a fan of the management capability, it is more complex and not the best choice for individuals.