Categories
Blog USB Sescurity

[Secure USB Series ②] Types of Encrypted USB Flash Drives

Encrypted USB drives are categorized according to the way that they protect the information, by the software method, which uses an encryption software, and the hardware method, which embeds an encryption chip. Both methods encrypt the USB drive and set a password required for login so that only users with the password can access the information. However, the former implements a software, while the latter utilizes a hardware chip to encrypt the data.

Software for USB drive encryption ranges from freeware to commercial products, such as VeraCrypt, DiskCrypt, Rohos Disk Encryption, Gilisoft USB Stick Encryption, LaCie Private-Public, KakaSoft USB Security, and BitLocker To Go. Even the commercial software is generally offered at an affordable price, at less than $50. With a single software, a limitless number of average USB drives can be transformed into secure encrypted USBs. Also, you can encrypt only specific areas of the memory so that security sensitive files can be managed separately. In addition, USB drives with built-in encryption software, such as SanDisk Ultra USB 3.0 and Edge Disk Go Secure C2 are available as well. The software encryption method is mainly used for personal data protection since it is considered relatively less secure than hardware encryption.

Hardware encryption uses an encryption chip, which incorporates an internationally standardized 256-bit AES algorithm to automatically encrypt and decrypt data during transfer. In fact, the hardware encryption method shows quicker performance in data processing. In addition, it removes all the hassle of installing a separate driver or needing administrative privileges, making it simple and convenient to use. Unlike the software encryption method, which is prone to becoming the target of malicious attacks from remote sources, hardware encryptions can only be accessed physically, making it considerably more secure.

Representative products include SECUDRIVE USB BasicKingston DataTraveler 4000G2, Ironkey D300/S1000DataLocker Sentry, and Kanguru Defender. Some products like the Kingston DataTraveler 2000Apricorn Aegis are equipped not only with a hardware encryption chip, but also with a physical keypad for additional security.

Hardware-encrypted USB products are mostly used in enterprise environments. There are also military-grade products, which are made of durable metal materials and include water and shock-resistance features to protect it from external impact or pressure. Some products come with an internal anti-virus solution for cases where viruses are spread through infected files within a USB drive. In preparation of brute-force attacks, most products have the function to automatically destroy all data when the number of login attempts exceeds a set count. It is also common to use a centralized management service for secure USBs.

Also, in the US, the National Institute of Standards and Technology (NIST) recommends only using hardware-encrypted USBs that have been FIPS-140 validated in public and financial institutions. This shows how the use of such USBs is suitable for mission critical environments. Compared to software-encrypted USBs, it is much costlier, and the price varies by the hardware structure and the software function configuration. Therefore, the product should be selected reasonably depending on the purpose and budget.

Blog Posts in this Series:
① Different Types of Secure USB Flash Drives
→ Types of Encrypted USB Flash Drives
③ Types of Copy-protected USB Drives
④ USB Flash Drive Central Management Solution

Categories
Blog USB Sescurity

[Secure USB Series ③] Types of Copy-protected USB Drives

Copy-protected USB drives are used to prevent copying of data stored in the USB drive, even if it is accessible. It is divided into two categories depending on the purpose of use: content copy protection and business file copy protection.

Content copy-protected USB drives have become a replacement for PC-use CD-ROMs, primarily used for copyright protection of flash books, HTML e-books, videos, music, and especially protection of single content distribution. With the advent of ultra-high-capacity content, CD-ROMs are no longer able to hold such data and are quickly being replaced. As a result, this has contributed to the rapid decline in the price of USB drives.

Most of these products implement a copy protection function by software methods and have encryption, copy/print/screen capture prevention, and limited time use functions. Some brand-exclusive flash drives provide data deletion/format prevention functions.

It is common to support industry-standard file formats, but in recent years, USB drives have started to also support content producers’ proprietary file formats as well. In addition, a producer’s proprietary application can be installed and operated to support read/write functions, as well as be able to redistribute/update through the Internet after distribution.

Some renowned brands include SecudriveNexcopyKakasoft, and Truscont. These types of products mainly support various text, web document, image, audio, and video formats, such as pdf, txt, HTML, HTML5, JPG, GIF, MP3, WAV, WMV, and MP4. Some products support MS Office, CAD, and their own applications. When selecting a product, you should carefully look at the support file format and consider whether it will serve as a read-only, one-time distribution or a regular/irregular update requiring device.

Business file copy-protected USB drives are used to prevent leakage of confidential information used for businesses, such as Office and CAD files. To prevent information leakage, it has functions to prevent copy/print/network transfer/screen capture. In addition, users can edit data in the USB drive, but all user logs are monitored in real time through the Internet. This function is mainly used to prevent leakage of confidential information by malicious insiders.

With an encrypted USB drive, a user with malicious intent may decrypt the password and convey confidential information to someone outside. However, with a copy-protected USB drive, you can set the anti-copy function in advance so that even when someone enters the password and accesses the data in the flash drive, they cannot copy it to others. In this sense, it is said that encrypted USB drives are for benign users, while copy-protected USB drives are usually used in preparation of malicious insiders.

Some of the above-mentioned content copy-protected USB products support business-related applications, such as MS Office and CAD. Most of these types of products only have read-only features that do not meet the needs to edit data after storage. Conclusively, copy-protected USB drives are generally recognized to be unable to meet security standards for enterprise-level confidential information since it uses software encryption methods. On the other hand, Secudrive USB Office and USB CAD products utilize hardware-encrypted methods to increase security as well as to have functions to manage copy/print/screen capture/network transfer user rights and store user file usage logs.

Blog Posts in this Series:
① Different Types of Secure USB Flash Drives
② Types of Encrypted USB Flash Drives
→ Types of Copy-protected USB Drives
④ USB Flash Drive Central Management Solution

Categories
Blog USB Sescurity

[Secure USB Series ④] USB Drive Central Management Solution

Central management of USB drives within companies is becoming a big issue of interest. As long as companies use USB drives, they need to be carefully managed in order to prevent information leaks in the enterprise. The USB drives should be managed so that administrators are aware of who is using which flash drive and what they are doing with it, if it has been lost, or if it is being used in accordance to the security policy.

These products have functions such as password set and reset, remote deletion and decommissioning in case of loss or theft, collection and analysis of file-related logs, and remote update of software and files. They also have functions to specify the location of the secure USB based on the connected IP address or to limit access only to authorized IP addresses. In addition, different security policies are set according to online and offline situations, so that when the secure USB drive is used outside the company, information leakage is prevented.

Representative products include Secudrive UMS , DataLocker SafeConsoleIronkey EMS, and Kanguru KRMC. Generally, the solutions are designed to manage secure USB flash drives sold by each company. DataLocker SafeConsole supports central management service for DataLocker Sentry products, some Kingston DataTraveler products and Cardware SafeToGo USB drives and external hard drives. Ironkey, Kanguru, and Secudrive products support their own USB flash drives, respectively. Secudrive UMS additionally supports Secudrive USB Office+/ CAD+, a business file copy-protected USB drive product, and includes user rights management for copy/print/screen capture/network transfer.

Central management service use is limited to each company’s own secure USB drive products; therefore, it depends on which secure USB drive is used.

Blog Posts in this Series:
① Different Types of Secure USB Flash Drives
② Types of Encrypted USB Flash Drives
③ Types of Copy-protected USB Drives
→ USB Flash Drive Central Management Solution

Categories
Blog USB Sescurity

[Secure USB Series ①] Different Types of Secure USB Flash Drives

A Universal Serial Bus flash drive USB drive is a portable flash memory with an integrated USB interface, that is recognized as a disk when connected to a computer. The USB is one of the standard buses, pathways used to send and receive data between computers and peripheral devices, that became widely used in the late 1990s. Flash memory is a type of semiconductor that can save and store data. It differs from read-only memory ROM, which is unable to delete or modify data once it is saved, or random-access memory RAM, in which the data can be modified but are lost once the power is removed. Instead, the data on flash drives can be saved, deleted, and modified freely and are preserved even if the power is cut off.

A USB drive’s small size so small that they are called “thumb” drives, unmatched memory capacity, and versatility with data modification have made it the choice portable storage device for a long time. However, as observed from incidents of personal medical information leakages in hospitals, inadvertent misplacement of a firm’s valuable information can cause a great cost as well as devastating damage to the reputation of the institution. Also, from the Snowden Case, we can see that it can be a tool for employees to leak extensive internal information. Thus, in recent years, it has become more common for companies to entirely remove USB ports or at least to place stricter restrictions on USB usage.

However, USB drives are still used widely for convenience. Especially in places where security is emphasized but USB use is a necessity, security enhanced USB drive use is prevalent.

Secure USBs can be classified into two types by the method of protecting information in the USB drive: encrypted USB and copy-protected USB.

Secure USB Drive

Encrypted USB Flash Drive – Software-encrypted USB Flash Drive / Hardware-encrypted USB Flash Drive

Copy-protected USB Flash Drive – Content Copy-protected USB Flash Drive / Business File Copy-protected USB Flash Drive

Encrypted USB flash drives are categorized according to the method of information protection, by the software method, which uses an encryption software, and the hardware method, which utilizes encryption chips. Both methods encrypt the USB drive and set a password to login so that only users with the password can access the information.

Copy-protected USB flash drives are used to allow access to the files within the memory but prevent files from being copied to the outside. It is mainly used for USB copy protection for mass distribution of audio and video file content or business files, such as Office Word and CAD.

Blog Posts in this Series:
→ Different Types of Secure USB Flash Drives
② Types of Encrypted USB Flash Drives
③ Types of Copy-protected USB Drives
④ USB Flash Drive Central Management Solution