A Look at the LOK-IT Secure Flash Drive


I wrote about the IronKey secure flash drive last year, which secures on-board data using 256-bit AES encryption. The premise behind the use of a secure flash drive is simple: Even if the flash drive were to be lost or stolen, data stored on it remains uncompromised. This is crucial to SMBs, which probably lack the resources to cope with the repercussions of data loss.


Another product that recently came to my attention would be the LOK-IT secure flash drive. Like the IronKey, data stored on the LOK-IT is encrypted at the device level. The LOK-IT works in pretty much the same way, too, in that only the correct password will render the storage device to be visible. Keying in the wrong password 10 times, though, will result in the deletion of the encryption key, effectively making protected data permanently irretrievable.


The LOK-IT's use of a built-in PIN-pad to key in a numeric password makes it unique. The company argues that unlike competing secure flash drives that require a software component to perform the authentication, the PIN-pad approach prevents Trojans or other malware from retrieving the password.


A quick look at the features of the LOK-IT:


  • Hardware authentication (via PIN-pad).
  • On-the-fly full disk 256-bit AES hardware encryption.
  • 7 to 15 digit PIN length required.
  • Encryption key wiped after 10 incorrect PIN attempts (reformat enforced).
  • Filled epoxy potting.


There are two versions, a 5-key PIN-pad ABS version, which uses dual-function keys to represent the numbers 0-9 using just five buttons, and a 10-key PIN-pad anodized aluminum version. I was sent me the 5-key model, which I tried out.


I list some of my thoughts below for readers to evaluate based on their specific needs.


PIN-pad Might be Confusing Initially


I must admit that I experienced some confusion in setting my password for the first time and subsequently trying to unlock it. The LOK-IT uses two LED lights, one red and one green to indicate its operational states. Blinking or steady lights - and combinations of them -- all meant different things.


However, the included instruction sheet was unambiguous, and it took perhaps 10 to 15 minutes to learn how the device worked. SMBs might not want to just hand it over to their non-IT employees without instruction, though a brief hands-on should be more than adequate. Ultimately, it was simply a matter of reading the instructions carefully and getting the hang of it; most states of the indicator lights were only relevant to configuring the LOK-IT for the first time anyway.


Ability to Set Master Password


System administrators and CIOs will like the way the LOK-IT allows them to set "master" password that can be used to unlock the drive, bypassing the user password. This is useful for companies wary of users who forget their passwords with important data onboard. SMBs that decide not to use this feature can just set a user password without first configuring a master password, which will disable the master password feature automatically.


Rechargeable Battery Inside


There is a rechargeable battery built into the LOK-IT, and I initially had concerns about the viability of the drive should the battery run out of power. According to the user guide though, if the battery goes dead, just plug the LOK-IT into a USB port, and proceed to authenticate from there. Obviously, this can be a hassle with desktops placed in awkward locations, especially in the eventual situation where aged batteries are no longer able to hold a charge. Still, this might be a non-issue for organizations that depreciate their hardware over three or five years.


True Platform Independence


What I really liked about the LOK-IT is the true platform independence offered by using a PIN-pad for authentication. This is different from all the other secure flash drives on the market at the moment, which require the use of operating system-dependent software to accept the necessary input for authentication. By default, the LOK-IT will support any platform that can recognize a standard flash drive.


The 4GB, 5-key version of the drive is available for $52, while the 10-key version costs $62. Users can order it online.