If you have been following me, you would have read my take on the IronKey flash drive in a blog earlier this week. The IronKey is a secure flash drive that I'm convinced offers a relatively affordable and simple way for SMBs to secure their data against accidental loss or theft. SMBs keen to protect the data stored on hard disk drives will also want to check out my earlier piece on making use of BitLocker disk encryption to protect the data on their laptops.
For today, I would like to focus on the portable flash drive, which I consider to be a high-risk vector for data loss. Indeed, the increased popularity and ubiquity of flash drives can only mean a corresponding increase in the potential for them to be misplaced or stolen. Since data on a normal flash drive is not protected in any way, it is more important than ever to secure this weak link from exploitation.
Secure flash drives still have their limitations. For one thing, employees need to be aware that using these secure devices will not magically protect them against keyloggers on hostile machines. In addition, it is actually more troublesome to use a secure flash drive when trying to transfer some files to a colleague's machine, for example. Finally, secure flash drive or not, a company is helpless against unscrupulous employees who deliberately leak company secrets.
Beware of Fakes
Before rushing out to purchase a secure flash drive however, be aware that a number of pseudo-secure flash drives actually store the password as a file on the flash drive itself. On top of this, many of these devices also perform the password authentication through software in the memory space of the computer used to perform the authenticating and unlocking.
For these devices, I have seen at least one demonstration of just how easy it is for hackers to trick a secure flash drive into yielding protected data. In comparison, a bona fide secure flash drive will send the password to an on-board chip that will decide whether the password matches.
As enterprises and SMBs wake up to the harsh security reality of the data age, they are also looking for better ways to ensure the confidentiality of corporate data. Thankfully, more tools are appearing the market to address this issue. For one, the recently released Windows 7 operating system comes with BitLocker To Go, which allows organizations to encrypt the data on their portable storage devices or flash drives.
I shall be exploring BitLocker To Go for SMBs shortly.