A Look at the IronKey Secure Flash Drive


IronKey recently sent me one of its secure USB flash drives. For those who are not familiar with it, the IronKey USB flash drive is unique in its ability to protect on-board data with on-the-fly hardware-based 256-bit AES encryption. With security at the heart of the IronKey's design, decryption keys are stored on a custom processor called the Cryptochip to foil memory-extraction attacks. In addition, the innards of the flash drive is further sealed with an epoxy compound to protect against physical tempering.


Some will argue that the construction of the device is an overkill, what with the metal drive being waterproof and all. Having gone through my fair share of cheap plastic flash drives, such as those given out free at trade fairs around the planet, I must say that I am all for a robust flash drive for a change. The IronKey supports Windows, Linux and the Mac OS X operating systems.


Securing Your Data in Hardware

The idea behind the IronKey is simple: to create the world's most secure USB flash drive. Even if the flash drive were to be lost or stolen, one can be assured that data stored on it remains uncompromised. To facilitate this, the secured portion of the flash drive is not made available until the correct password is furnished to the Cryptochip.


That's not all: After keying in the wrong passwords10 times, the data "self destruct" - or so notes the marketing collateral. Before you take out the fire extinguishers, though, I believe what really happens here is that the decryption key required to recover the stored data is erased, leaving the drive just so much scrambled data bits, courtesy of its strong data encryption.


Using the IronKey

How does the IronKey work? Depending on your computer settings, plugging the IronKey into a USB port should result in the password authentication applet to appear automatically. The IronKey password applet basically requests the password, which is queried directly against the Cryptochip.


Assuming the correct password is keyed in, the IronKey will "unlock" - a new drive will become available, which works just like any regular flash drive. In the background, data that is transferred to the device gets transparently encrypted, while the reverse happens to data copied from it. It was possible for me to unlock the drive in a read-only mode, too, a useful feature when using the IronKey at a cyber cafe or in hostile environments. Locking the drive is a trivial matter of unplugging it from the USB port.


The Downside

One downside of the IronKey is the amount of space taken up by its firmware and bundled applications. The unit I tested is a 1GB model, of which an empty drive shows only 618MB free out of 704MB available. Presumably, the rest is taken up by various system files, which should be less of a problem with a higher-capacity model.


How can a secure USB Flash drive like the IronKey benefit small and medium businesses, though? I will be exploring this topic in my next blog, so stay tuned.