Categories
Blog NEWS News Letter Press Release USB Copy Protection

SECUDRIVE USB Copy Protection Server Released

Brainzsquare releases SECUDRIVE Copy Protection Server, a high caliber copy protection solution for digital content and documents that require frequent content and policy updates and monitoring via servers. Administrators can now securely distribute and control content access remotely using online servers.

Brainzsquare announced its release of SECUDRIVE Copy Protection Server (SDCPS), a server-based copy protection solution into the market.

With the growing needs of content publishers and their content, distribution needs to be more efficient and more closely moderated. Existing copy protection, such as CD or DVD copy protection for content can take up to 10 days or more to produce and distribute, and can be quite pricey when adding all the delivery fees, distribution fees, etc., together. SDCPS was developed with the solution to that in mind. The ability to speed up the production and distribution process and the ability to update content, copy protection policies, and validity licenses regularly when distributed to remote locations are a few of the core advantages of SDCPS.

SDCPS caters especially to companies that need moderated copy protection for their evolving digital content and documents when distributing it to others via online. This specialized copy protection solution utilizes advanced features such as copy protection that prevents screen capture and printing without authorization, validity settings, and DRM policy settings with optional password settings. SDCPS allows administrators to update content licenses and security policies for the purpose of monitoring and regulating.

By installing the server component of SDCPS onto the server, the administrator can monitor, update, and control the validity settings of the digital content remotely. Content will still be downloaded and copied onto normal USB drives as with the regular SECUDRIVE Copy Protection. SDCPS creates secure image files by integrating the digital content and the security policy configuration. Once connected to the internet, a virtual drive will appear on the USB drive, allowing the user to view the stored content. Content policies updated on the server will be updated for authorized users on their virtual drive once connected to the internet.

“SECUDRIVE Copy Protection Server is all of the features of the regular Copy Protection, but now companies who need to monitor and update their content policies online when securely distributing content on USB drives can take advantage of the online license managing program,” said Simon Kang, CEO of Brainzsquare.

Brainzsquare offers 30-day trial versions of SDCPS for content publishers to try on their website (www.secudrives.com).

About Brainzsquare:
Founded in 2000, Brainzsquare has been serving specialized and innovative data security solutions into the market. With the launch of the SECUDRIVE product line in 2006, Brainzsquare has been providing products ranging from secure USB flash drives and data erasure products to copy protection software, device control, and file server security for corporate customers and content publishers.

If you have any questions or inquiries about this article or its contents, please contact us.

Categories
Blog USB Sescurity

Hardware USB Encryption Vs. Software USB Encryption.

A strong case for hardware USB encryption and an analysis of the weaknesses of software USB encryption.

We have all lost a USB flash drive at one point or another. Millions of USB flash drives are lost per year and the potential fallout from lost confidential data can be costly. So it is important to have some sort of security on your USBs so that if they get lost, the data is unrecoverable.

When looking for USB encryption options, it can be difficult deciding which type of encryption mechanism you should use. Between the two types of USB encryption methods, software and hardware encryption, there is a clear winner. Hardware. Though software encryption, in general, has come a long way in a PC environment, in the end, it is still software, and like all software, it is crackable.

Software Encryption is still Software
Though the process is not easy, hacking of even well-made software encryption is possible by skilled programmers. The way software USB encryption functions are by using the user’s password to encrypt the master key, which encrypts the data. In order to access the data within the USB, the hacker only needs to find the password, which will then give him the master key to access the data. In order to find the password, hackers can use a brute-force attack, which is a cryptanalytic attack that checks all possible password combinations until the correct one is found. A relatively secure password such as “F7*eTi!9” can be cracked in minutes or hours depending on the encryption used (64-bit, 128-bit or 256-bit). Once they find the password, they will have access to the encryption key and have complete access to all stored USB data.

Hardware’s Defense
On the other hand, hardware encryption uses an onboard security chip, such as the AES 256-bit Crypto Chip, to perform all encryption and decryption of data along with key generation and handling. Due to software encryption’s dependence of the host PC, it enables a hacker to be able to alter the software programming, for example, to allow an infinite amount of password attempts. So, even if a software encrypted USB had a password counter that limited the number of password attempts, the program could be altered through the PC by a skilled programmer.

Hardware encrypted USBs will not connect to the PC without the password so it cannot be altered through the PC. So by separating the algorithm and encryption key within the encryption chip from the PC, it prevents potential hackers from accessing and/or tampering with your software encryption program through the host PC.

Along with the separation of the encryption chip, hardware encrypted USBs use an internal password counter which limits the number of passwords attempts. By limiting the number of password attempts, the hardware-encrypted USB prevents brute-force attacks from guessing your password and destroys or freezes the stored data once a user surpasses the limit. So even if you are one of the million people that have lost a USB, the stored information will be kept from prying eyes.

Additional USB Security Features worth Having
Whenever connecting a USB into a host PC, regardless of whether it is hardware or software USB encryption, it is susceptible to viruses and malware. A common USB virus, the Autorun Virus can alter the autorun.inf file that most USBs use to automatically start the login process. This can lead to an infection of corporate networks if the infected USB is connected to an office PC that is part of an office network. To resolve this issue, USBs are being loaded with anti-virus software to help combat the risk of infection through the host PC. For example, SECUDRIVE has protected all their secure USBs with Trend Micro’s TMUSB 2.0 vaccine program to prevent any infection.

Hardware over Software
When it comes down to the level of security, hardware USB encryption is superior. Its separation of the encryption key and resistance to brute force attacks makes hardware USB encryption much more robust and resistant to hacking attempts. If you are thinking of purchasing software encryption for your USB, think again. If your data is important enough to protect, wouldn’t you want the highest standard in USB encryption protection? Some may argue that software encryption may be cheaper. This may be true initially, but in the long run, the benefits of hardware USB encryption outweigh the initial costs. Why risk losing important information to potential competitors with a subpar encryption method? It isn’t worth risking millions of company dollars to skimp on USB data protection. When it comes to USB encryption, hardware encryption is the obvious choice.

Categories
Blog Data Erasure

“Deleted” Data that is not completely Deleted

A PC generally keeps most of the data stored on it whether it has or hasn’t been deleted, up to the moment of being disposed of if no complete erasure is done. It is common for people to tend to think “erase” or “delete” in Windows means that the file is gone forever and unrecoverable. People with a bit more security awareness feel comfortable after they format all data of partition before disposing of the PC. However, it is common knowledge that deleted and formatted data in Windows can be easily recovered by using simple recovery software that is easily accessible on the Internet.

In the United States and the U.K., they are famous for their stricter industry-standard, government regulations, and laws in comparison with other countries. The following data leakage from used disk relating to government organizations reminds us of the importance of completely wiping disk drives.

In 2009, the United States Department of Veteran Affairs had one of their hard drives fail, which contained records of millions of U.S. veterans. Without destroying the data first, they sent the failing hard drive back to the vendor for repairs, risking potential data breach that could have affected 760,000 people. This accident is claimed to be the single largest release of personally identifiable information by the government in history.

In 2010, there was a sensitive case with NASA’s preparation for the end of the space shuttle program. Selling their surplus of supplies, old computers were on the list. However, fourteen computers from the Kennedy Space Center failed tests to determine whether they were properly sanitized of sensitive and confidential information. Ten of the computers had already been released to the public at that point, creating a serious data security issue and breaches to NASA’s IT security practices. Information on the computers could have helped hackers gain access to NASA’s internal computer network.

Also in 2010, an army officer, Captain Robert Sugden sold his broken laptop for “spare and repair” parts for around $32 USD. However, the laptop contained military secret files such as troop numbers, patrol details, ammunition stock lists and locations of police command posts, none of which required passwords. Such information could be fatal if put it was in the hands of terrorists. When the shocked buyer returned the laptop to the U.K.’s Ministry of Defense, it was also discovered that the laptop contained hundreds of photos and names, risking the lives of those that joined the Afghan National Police and Afghan National Army.

In the previous mentioned cases, it was fortunate that the government authorities went ahead with inspection and prevented the data from being leaked and misused by other parties. There are cases where those who were not wary of the dangers of data leakage from a used hard disk. The two U.S. cases mentioned above were only discovered because of an audit done by the government while in the case of the U.K., a buyer let the government know of the situation. It is reasonable to say that there are many potential cases out there that can lead to great risk just like the ones brought up in this entry.

In 2008, an illegal content distribution scandal took place in Hong Kong, China. Although this case does not involve the government, it does involve an individual’s privacy. Dubbed the “Edison Chen Photo Scandal,” a personal computer was sent in for repairs where hundreds of private photos were taken, copied, and distributed without consent, allegedly by the computer repair shop. The PC’s owner, Edison Chen stated that the photos that were distributed were deleted before being sent in for repairs, but with the advancement and accessibility of data recovery technology, about 1,300 of Chen’s sexual and celebrity photos were recovered, taken and copied, only to be distributed for the world to see. This case severely damaged his reputation and his career in China.

Over 250,000 used computers and over 100,000 used laptops are waiting to be sold on eBay by the end of April 2013. Many people carefully erase the data by deleting files and reformatting the hard drive to feel more secure when selling computers. This blog entry was created to raise data security awareness to prevent such data leakage incidents, which may creep up on us someday.

Categories
Blog Data Erasure NEWS News Letter Press Release

SECUDRIVE Sanitizer Portable Released

A new hard disk wipe solution now available from Brainzsquare, SECUDRIVE Sanitizer Portable allows users to easily delete data on hard drives completely, including the OS, without the need to enter BIOS setup or use additional booting devices.

Brainzsquare announced its release of SECUDRIVE Sanitizer Portable(SDSP), a simple hard drive erasure solution that doesn’t require additional booting devices or the BIOS setup.

The only requirements of running SDSP are connecting the USB flash drive, choosing an erase algorithm, and selecting the disk to be wiped within the same PC environment. SDSP erases various kinds of disk drives such as ATA/IDE, SATA, SCSI, USB, and FireWire. SDSP utilizes world-known to erase algorithms such as the Gutmann algorithm (35 times overwrite), the DoD5220.22-M algorithm (3 and 7 times overwrite), etc. to wipe the PC including the OS.

In addition, the details of the erase procedure (disk info, erase algorithm, etc.) are recorded on the report log which is embedded into the hardware. SDSP’s software also allows the user to erase multiple computers and disk drives simultaneously and can be used as many times as needed within a single location.

“Due to the difficulty and complicated nature of having to set up BIOS and having to use additional booting devices such as CD or USB flash drive when wiping the disk, IT specialists were often necessary. SDSP was developed with a solution in mind. The goal of SDSP is to allow even the casual users to be able to completely wipe their computer with extreme ease,” said Simon Kang, CEO of Brainzsquare.

About Brainzsquare:
Founded in 2000, Brainzsquare has been serving specialized and innovative data security solutions into the market. With the launch of the SECUDRIVE product line in 2006, Brainzsquare has been providing products ranging from secure USB flash drives and data erasure products to copy protection software, device control, and file server security for corporate customers and content publishers.
If you have any questions or inquiries about this article or its contents, please contact us.

(Secudrive Drive Eraser is an improvement and a replacement of Secudrive Sanitizer Portable now, 0823/2019)

Categories
Blog

Three Cases Where CD/DVD Content Distribution Cannot Be Used.

Generally, content publishers distribute their content via CD or DVD disc media when it comes to their important content. For over 20 years, CD and DVD discs have been the main method of distributing copy-protected media such as audio and video content. However, CD/DVD based copy protection has been challenging the limitations of what types of content and necessities of a content publisher can be stored on the discs.

In this blog, we’ll discuss three cases where CD and DVD based copy protection solutions cannot function properly when distributing content.

We cannot use it when the content is important and very high in value.
Generally, audio and video content that is distributed via CD/DVD discs are cheap(under the value of fifty US dollars). In this case, content publishers can distribute a large number of CD/DVD containing content using the CD/DVD based copy protection. It is cost-effective for content publishers to distribute in this method, even if some of their content can be copied illegally with cheap or free technological resources available on the internet. There are a lot of CD cracking tools for the general public to use such as Clone CD, which allows even the non-tech savvy people to copy content. Since such resources exist, if you want to distribute content worth hundreds or thousands of dollars, you should not use CD/DVD copy protection solution.

Sharing confidential corporate information internally.
While it is efficient to share data digitally, when sharing confidential information within the company there is crucial and almost irreparable damage if it is exposed outside of the organization. For example, the service manual of a motor company would be shared with various cooperative auto service partners and dealers to enhance their quality of service. However, the exposure of this information to customers, competitors, or outside of the company, in general, may severely damage the reputation and reliability of the company. This service manual can be updated a lot regularly and can be used in the case of internet disconnection. The level of security should be kept high on this content even if there’s a high number of a distribution involved. In this case, CD/DVD based copy protection cannot be used.

Sometimes want to distribute content which cannot be viewed with an existing standard viewing program.
Existing CD/DVD copy protection solutions generally use standard playing or viewing programs to play normal audio and video formatted files. For example, an e-book generally uses a certain viewer such as a PDF viewer. The content of the e-book would be transferred into a PDF format from the publishers’ original format. In this process, there are some issues where the content cannot function efficiently.

1. If the Content has too many HTML or PDF links.
2. PPT file is multimedia, mixed with animation, sounds, and videos.
3. Content is in the form of a .EXE file.
4. Ultra high definition video file that is not compatible with the standard/existing player.

In addition to the three cases, there are some other challenges that come from the rapidly changing IT market environment. Recently, newly released laptops started to stop providing CD/DVD drives. The capacity of a DVD disc is at most 4.7 GB. It is inconvenient to keep track of multiple discs when high-resolution files are involved.

In conclusion, CD/DVD based copy protection solutions have relatively good quality and standards as well as cost-effectiveness, but it has met some challenges with the various growing needs of digital content publishers. Nowadays, Secudrive USB Copy Protection, one of USB based copy protection solutions are used to distribute large amounts of content while providing higher security functions than CD/DVD based copy protection solutions.