People are carrying more important data with them than ever before, but not everyone gives as much thought as they should to keeping that data secure. There are both software-based and hardware-based methods to secure data on portable drives, and knowing which is right for you is key to benefiting from portability without compromising safety or privacy.
When it comes to securing data on your portable storage drives, software solutions have a few problems, not the least of which is that they’re more limited in how they work with various platforms. For example, BitLocker will only work natively with Windows systems, which is a downside for anyone who needs to access data on a Mac. Not everyone wants to install additional software, and so software encryption can impose some limitations.
For more on some of the most popular software security options for portable drives, read our in-depth look at BitLocker and MacOS encryption.
Secure storage devices with built-in hardware, however, bypass those sorts of restrictions. Because the encryption is built into the storage device itself and there are often physical keys that are used to enter PINs to authenticate and unlock the device, hardware solutions provide another level of convenience and compatibility to go with even strong security.
There are a host of secure storage devices to choose from. We’ll take a look here at a few devices by storage company iStorage to provide some examples of how these sorts of devices work.
Available in sizes ranging from 8GB to 64GB and in a well-built black chassis, the datAshur Personal2 drives offer serious security, with military-grade 256-bit XTS-AES hardware encryption and hardware keys that allow the user to type in a 7-15-digit PIN. The hardware encryption engine encrypts data in real time, and it automatically locks whenever it’s unplugged from a PC or when the USB port it’s connected to loses power. It can also be set to timeout automatically after a predetermined delay. Most important, because it’s a self-contained system, it’s completely transparent and works with a variety of devices including Windows, Mac, Linux, Chrome, and Android.
iStorage has incorporated additional security features to make sure your data remains protected. For example, the use of hardware keys to enter the PIN and unlock the device means it’s invulnerable to software/hardware-based keyloggers and brute force attacks. If a regular user enters an incorrect PIN 10 times in a row, for example, then the PIN will be deleted and an admin user will be required to enter a new PIN. Furthermore, if an incorrect admin PIN is entered 10 times in a row, then the encryption key and all data is deleted and the datAshur Personal2 device is reverted to factory default status and requires a reformat to be used again.
Using the datAshur Personal2 drive is incredibly simple, particularly given the easy-to-follow guide that’s included with the drive. The first and perhaps most important step is to change the default PIN, which is easy enough – just unlock the drive with the default PIN, press the key button twice, enter in the new PIN, and then hit the key button twice to complete the process.
As you carry the drive around, it remains in its locked state. To access the data, hit the key button, enter the PIN, and then hit the key again. The light will switch from blinking red to green (note that it you wait too long to plug it in, then it will revert to locked status). Plug it into the PC, access your data as usual, and then eject it. At that point, the drive will again be locked and safe to carry around.
The datAshur Personal2 is a USB 3.0-compliant device and so data transfers are fast and efficient at up to 139 megabytes per second (MBps) read and 43 MBps write speeds. There might be a slowdown thanks to the hardware encryption, but in our testing it wasn’t not terribly noticeable – and of course any extra time is well worth the security it affords.
The datAshur Pro is similar in design to the Personal2, although it comes with a more substantial blue case and affords an IP57 rating for dust and water resistance. It also offers the same basic security features, including a 256-bit XTS-AES hardware encryption engine and a set of physical keys for entering the PIN and managing the device. It’s available in size ranges from 4GB to 64GB.
In addition to being better protected from the elements, the biggest difference from the Personal2 is that the Pro model provides FIPS 140-2 Level 3 and NLNCSA accreditation, along with NATO security certification. That means that the device has been verified to provide the highest possible level of security. In practice, however, the datAshur Pro works similarly to the Personal2.
You’re not limited to smaller USB key devices if you need to keep your data secure. iStorage also offers a line of portable 2.5-inch hard disk drives (HDD) in the diskAshur2 that offer similar military-grade hardware encryption (XTS-AES 128-bit or 256-bit) and water-resistant physical keys for entering the PIN. Therefore, the diskAshur2 provides the same kind of protection from physical keylogging and brute force attacks. It’s also physically sealed against tampering and provides IP56 rating for water and dust protection.
Using the drive is also similar to using the USB sticks, with an extra step: the drive doesn’t have its own power supply and so must be plugged into a powered USB port first. Once it’s plugged in and powered up, then you simply enter the pin and hit the unlock button. The green unlocked indicator will light up, and you’re ready to go. As with the other devices, ejecting the drive or otherwise disconnecting it from a powered USB port will lock it. You can also hit the lock button at any time to lock it immediately.
The diskAshure2 is available in sizes ranging from 500GB to 5TB and comes in an attractive blue soft-touch chassis, and it’s a USB 3.1 device offering 148 MBps read and 140 MBps write speeds. The drive comes with a padded carrying case for some added physical security.
The diskAsure Pro2 is essentially identical to the diskAshure2 (albeit with a gray metal chassis), with the additional benefit of having received the highest level of government accreditation. It provides the same level of encryption and basic operation, and it also comes in 500GB to 2TB sizes.
The diskAshur DT2 is the desktop version of iStorage’s line of secure storage devices. It’s not as portable as the other options we’ve discussed so far, but it provides the same level of security with the same military-grade XTS-AES 256-bit hardware encryption engine and water-resistant keypad for entering the admin and user PINs.
The process of unlocking and locking the DT2 is identical to the previous HDD-based devices. Like the diskAshur Pro2 line, the DT2 meets the highest level of government security accreditation.
Unlike the other devices we’ve looked at, the diskAshur DT2 uses full-size desktop HDDs and needs to be plugged into an outlet. Its metal chassis is attractive and clearly durable, and it’s heavy enough to lend some confidence in its build quality. The DT2 is a USB 3.1 device and so offers fast 225 (MBps) read and 223 MBps write speeds. The DT2 ranges in size from 1TB to 8TB.
The right device for your needs
If you’re carrying more than your shopping list on your portable storage devices, then you should give some thought to security. We’ve covered some software and hardware options that can provide you with some peace of mind should you ever misplace your data or have it stolen while you’re sitting at the coffee shop.