I love the idea of being able to use flash drives safely. There are many applications where a flash drive provides the convenience and portability that organizations need. Flash drives lend themselves well to everyday tasks like sharing large files with colleagues or backing up an entire data collection.
Everyone understands that using an encrypted flash drive can be more secure than exposing data to the internet, but what about the drive’s physical security? What if someone gets their hands on it?
There are, of course, solutions available to protect against unauthorized access to an encrypted flash drive. There are drives with keypads built right in. There are flash drives that can only be accessed by secure software running on a PC. These are good solutions, and these technologies have brought the beloved flash drive back from near extinction; back from the days when they were looked upon as a data breach waiting to happen.
Recently I was afforded the opportunity to evaluate a new flash drive that, for my needs, is even a step up from what has been available on the market. Below are the good and the bad. Why it works well for me and what challenges I identified.
I evaluated the iStorage datAshur BT 64GB hardware-encrypted flash drive. They retail for about $130.
To be clear, iStorage did not sponsor this review, nor do they advertise on our site. They did, however, provide a device free of charge for our review purposes.
Also to be clear, Brilliance Security Magazine does not have what many would consider high-security concerns. We think, talk, and write about security at length. Still, some uninteresting financials and some intellectual property that we generally intend to publish at some point anyway is about all we have around. Another organization may put security over convenience more than we do. But even so, the datAshur BT drive will withstand scrutiny from a high-security perspective too.
Before laying my hands on this drive, I had only a short wish list of things I wanted it to do. I’ve been asked to review flash drives before, but I have declined if they didn’t meet these two essential (for me) criteria.
- Ability to lock and unlock without remembering an access code.
- Ability to use with my Chromebook.
I am not willing to say that there are no other devices on the market that meet both of my minimum requirements, but I’ve not found them. I’ve seen, and even own, flash drives that will do either one of the above, but not both.
The datAshur BT hardware-encrypted flash drive met both of my, admittedly very minimal requirements. So, let’s start there.
This drive is managed from an app on my smartphone. It uses Bluetooth for communication between the phone and the drive. Using a smartphone app means I can use my phone’s biometric authentication to access the app. Indeed, I needed to put in a password, but only on the first use. After that, I use my fingerprint, just like I do to access my bank app. No access code to remember – check!
I enjoy the reliability and convenience of my Chromebook. It won’t do everything, but it does enough that I have come to prefer it over a Windows laptop.
The datAshur BT is OS and platform-independent, so it works fine with my Chromebook. All it needs is a powered USB port. I can unlock it with my iPhone, and then it works like any other flash drive. Another – check!
Here are some other features of the datAshur BT flash drive that you may find useful.
Remote management ready – If your enterprise needs to manage a few, or even an entire fleet, of these drives, it comes ready for remote management.
It is FIPS compliant for those that have sensitive data to protect and compliance issues to consider.
There are several multi-factor authentication options.
So, what didn’t I love?
In all fairness, I should label this section as “It’s probably just me.”
I initially downloaded the wrong app. I ended up with a datAshur management app instead of the datAshur BT app. The instructions were clear, but it seems that it is entirely possible that my wife’s frequent assertion that I generally ignore details may have a hint of truth to it.
Once I figured out my mistake, the download and app initialization was simple.
Another “details” issue presented itself when the instructions told me to note the Device ID printed on the USB connector. I assumed the instructions meant to tell me to record the device serial number printed on the side of the device. Well, that’s not what they meant. They meant what they said. There is a number printed on the connector end of the device. It took me a minute to figure that out.
Finally, the above-mentioned Device ID printed on the connector is printed in a tiny font with a faint gray color. I needed a magnifying glass to read it – but then again, that may just be me.
I was happy to find an encrypted flash drive that met all my requirements, and I am pleased to recommend it. I suggest you take a look at it here and see for yourself if it will meet your organization’s needs.
Steven Bowcut, CPP, PSP is an award-winning journalist covering cyber and physical security. He is an editor and writer for Brilliance Security Magazine as well as other security and non-security online publications. Follow and connect with Steve on Twitter, Facebook, Instagram, and LinkedIn.