Categories
Blog USB Copy Protection

[USB Copy Protection] Secure content delivery on USB drives with copy-protection

Distribution of valuable contents like intellectual properties, marketing materials, and educational publications brings the content producers to decide on the appropriate media with trusted security to prevent unauthorized copying or redistribution. Notably, CD/DVDs were once popular for its low-cost advantage; however, they are now considered obsolete due to its vulnerability to piracy and relatively low storage. Thus came the USB drives that provided portability and practicality with decreased size and increased storage space, respectively. Furthermore, they can be made to protect the stored contents from inside and out, satisfying the needs for trusted security that CD/DVDs lacked.

Secudrive USB Copy Protection (UCP) Basic satisfies the needs of those who wish to distribute their valuable contents without having to worry about unauthorized content copying and redistribution. UCP Basic operates by converting ordinary USB drives into secure USB drives with security policies, file encryption, digital rights management, and application whitelisting. Firstly, UCP Basic creates specific security policies with a wide selection of configurations as below:

  1. Password settings and complexity rules
  2. USB drive usage period
  3. Maximum logins allowed
  4. Maximum offline logins allowed
  5. Automatic USB drive lock/wipe after maximum incorrect password entries, usage period, and logins

Security policies created by these configurations act as the first layer of security that restrict the outsiders’ attempts to access the stored contents after unfortunate losses or thefts. Furthermore, the automatic USB drive lock/wipe feature after maximum usage period and logins give the producers to maintain the exclusivity of their contents.

UCP Basic encrypts all the stored contents and information, making sure that it is protected from start to finish, at the core. Once encrypted, all the activities regarding the stored contents must be performed within the secure USB drives produced by UCP Basic. The significance of this security feature is the ability to render the contents inaccessible and unusable outside the USB drives.

Secure USB drives made by UCP are equipped with digital rights management (DRM) that restricts the users from unauthorized file copy, clipboard copy, print, screen-capture, and network-transfer. It is the core element in security against accidental or malicious insider threats, as it protects the data from being leaked out while in use. The innovative integration of DRM into the secure USB drives made by UCP provides the practicality, as well as the trusted protection against leakage by the insiders.

To ensure that the possibilities of security bypass are eliminated, UCP provides application whitelisting that allows the producers to designate certain applications to be run on the USB drives. It prevents non-whitelisted applications from being installed and run on the USB drives to protect the contents from being harmed by external cyber threats like ransomware.

Understanding the needs of different content producers, the advanced Secudrive UCP+ introduces remote update feature along with all security features of UCP Basic as previously mentioned. This feature is ideal for those who wish to update their contents regularly and USB drive security policies without having to recollect the distributed USB drives from the users. With a few clicks and configurations, UCP+ remote update provides cost efficiency and additional security for content distribution and the USB drives, respectively. Compared to ordinary USB drives or CD/DVDs, secure USB drives with remote management helps achieve cost efficiency as content producers can eliminate extra USB drive production, and shipping duties from and to the USB drive users. As for security, the remote update takes it the extra mile as the producers can reset or renew the security policies if they suspect or confirm that the existing policies have been compromised. Furthermore, content producers can remotely lock or wipe the USB drives. In other words, the remote update feature gives the producers the ability to remain in control of the stored contents, even after the USB drives are distributed to the users.

Secudrive UCP Basic produces secure USB drives on which content producers can store their works for distribution. A wide range of security features guides the producers to set up and apply extensive and persistent security policies that protect the stored contents. UCP+’s remote update achieves cost efficiency when distributing the contents that require regular or occasional renewal, in addition to additional security measures that will help content producers to respond to potential content violations, even when the USB drives are out of the hands of content producers.

Please visit Secudrive UCP product page to discover more about USB Copy Protection and its features!

Categories
Blog File Server Security USB Copy Protection USB Sescurity

How to Prevent A Data Breach Risk by Contractors

Many security managers are worried about the possibility of a data breach by contractors when sensitive information is shared. As discussed in the previous blog, it is not easy to prevent data breaches by contractors, even though the breaches can cause crucial damage to a business. This blog describes a couple of typical examples where contractors could cause a data breach and suggests ways to prevent a data breach by using Secudrive solutions.

First, let’s imagine this situation: a company extracts customer information from their database and hands it over to contractors as a Microsoft Excel file. The contractors conduct a cold-call marketing campaign with the information, fill out the result of the calls in the files, and return the files to the company. Thousands of customers’ information is stored on every contractor’s PC, but the contractors’ PCs are separated from the company, so the company cannot control and monitor them. A contractor could accidentally send the Excel file as an attachment in an e-mail to the wrong person or deliver it into the wrong hands with malicious intent. In addition, if the company gave the contractors its marketing plan for the campaign, which the company has spent considerable money and time to create, the plan might be copied and delivered to a competitor too.

Second, imagine an industrial machinery company that hires hundreds or thousands of technicians as contractors to conduct a maintenance service for their customers, who are scattered all over the United States. The company should provide manuals related to all their products as well as a price list for all of the parts. The information might contain very important intellectual property and be very sensitive for the competition in the market so that it should not be handed over to the public or a competitor. Therefore, the company cannot help but worry about how the technicians handle the sensitive information in diverse environments. What if a technician loses his or her unencrypted laptop storing the sensitive data? What if the technician copies the files and places them into the wrong hands? What if the technician keeps files even after leaving this job, and hands them over to a competitor? The possibilities are endless.

Secudrive USB solutions could ensure data security in the above two cases.

First, Secudrive USB Office+ is suitable for use in telemarketing. Excel files can be placed onto a Secudrive USB Office+, a copy-protected USB flash drive that enables an administrator to restrict users’ rights for copy, print, screen capture, and network transfer. If all the users’ rights are restricted, users can simply open and edit the files on the USB flash drives. After the telemarketing campaign, contractors fill out the results and return the files to the administrator. If Secudrive USB Management Server is used together with Secudrive USB Office+, you can monitor all users’ activities with the USB flash drives. Even if a user loses a USB flash drive, the data would be secure because it is encrypted by an encryption chip. You can also destroy the data or lock the USB remotely when necessary for information security.

If you want to check the results of a campaign in real time, you can use Secudrive File Server instead. The customers’ information is stored in a file server that is separate from the company’s database, and Secudrive File Server is installed on the file server. Secudrive File Server makes it possible for an administrator to restrict users’ rights for copy, print, screen capture, and network transfer when users use files in a shared folder. Users only open the Excel files and fill out the results of the calls in the shared folder, and the administrator can check on this process in real time.

If users do not need to edit files after distribution, as in the second case, Secudrive USB Copy Protection is an excellent choice. You can restrict users’ rights for copy, print, screen capture, and network transfer when you distribute files with USB flash drives. If you need to update product information or a price list, you can upload the update files onto an update server, and then these files can be automatically updated when the distributed USB flash drives are connected to the Internet. Secudrive USB Copy Protection can utilize general USB flash drives that have serial numbers, making it more cost-effective, but this option is less secure because it is encrypted only by a software algorithm instead of an encryption chip. However, you can also destroy the data or lock the USB flash drives remotely.

In both cases, you can update files on the USB flash drives remotely through the Internet after distribution, without the need to deliver a physical CD/DVD every time you update files after distribution. Therefore, distributing the USB flash drives using Secudrive Solutions is much more efficient and cost-effective than distributing CD/DVDs using existing solutions.

Secudrive solutions are also very effective in preventing data breaches by contractors who work with sensitive corporate information but cannot be easily controlled under a regular corporate security regulation and system. With Secudrive, you do not need to open a corporate server system that is full of sensitive information. If you select the information that you have to open and deliver it to contractors using Secudrive, you do not need to worry about data breaches caused by contractor mistakes or malicious actions.

Categories
Blog USB Copy Protection USB Sescurity

Data Breach Risk Caused by Contractors

Many companies hire contractors when they consider a job to be of secondary importance to their business and need short-term labor or high-quality professionals for a specific job. A contractor, for the purposes of this blog, can be a freelancer, consultant, third party, or business partner who is hired from outside of a company. Hiring a contractor is a big deal in terms of information security, even though it is common knowledge that it is a good way for companies to maximize organizational flexibility and cut costs.

In recent news, Target agreed to pay USD 18.5M to settle claims by 47 states and the District of Columbia and to resolve a multistate investigation into a massive data breach in late 2013. Target said the total cost of the data breach was USD 202M as of May 2017, and it had not yet been finalized. The breach began at the PC of an employee of a third party who was responsible for maintenance of Target’s HVAC. A hacker accessed the PC and installed malware—the PC did not have anti-malware software. The hacker spied on the connection between the PC and Target’s system, finally gaining access to Target. The hacker stole the credit and debit card information of as many as 40M shoppers.

In another breach, the episodes of “Orange is the New Black,” a popular television show on Netflix, were released to the public by a hacker before Netflix’s official release this spring. Larson Studios, a third party for Netflix, had the files to conduct audio postproduction. A hacker attacked the third party, which was not fully equipped with a security system, to gain access to the files. The hacker then asked Netflix and Larson Studios to pay a certain amount of money within a certain timeframe or else the hacker would release the files to the public. Netflix and Larson Studios rejected the proposal, so the hacker released the files. In conclusion, many episodes of the new season in which hundreds of millions of dollars had been invested, was released before commercialization, resulting in tremendous consequences for Netflix. Many security professionals have pointed out that third parties in Hollywood have very vulnerable information security systems and this kind of data breach will continue to be in the future.

Finally, Edward Snowden’s Case should not be overlooked in examining this issue. Snowden, an employee of a third-party contractor with The National Security Agency(NSA), gained an access right to servers during his job. He put about 1.7 M top secret documents onto an unauthorized USB flash drive, carried it out of his workplace, and released the sensitive files to the public. Even though Snowden was determined a whistle-blower for the public interest, it was a damaging data breach by an NSA contractor.

The reasons for the above three data breaches are different, so the countermeasures against them should be different as well. However, it is apparently more difficult for an organization to prevent a data breach involving a contractor than a regular employee for the following basic reasons: 1) contractors might have less loyalty to the organization than employees do; 2) contractors cannot obtain regular information security education as easily as employees can; 3) contractors’ information systems cannot be easily treated as parts under organizational information security systems and cannot be managed and monitored as strictly as an in-house system; 4) contractors are sometimes temporarily allowed to gain access to the in-house system, and they often keep their access even when the work is completed.

Nonetheless, it is important to note that unstructured data, such as business files and drawing files that are used by contractors, have not been managed securely enough, whereas organizations usually manage access/rights very strictly when a contractor is granted access to structured data, such as a database storing millions of customers’ information. The sensitive files of the organization can be sent or copied to contractors’ laptops and servers without any restriction, and the organization often has no idea how secure files are managed by contractors. Thus, there are huge blind spots in information security that can cause a great disaster.

Our next blog will demonstrate how to prevent a data breach by utilizing Secudrive solutions, especially when an organization cooperates with contractors. Secudrive solutions can allow workplaces to cooperate by making it possible to safely store, deliver, and manage sensitive unstructured files in separate devices from the in-house system.

Categories
Blog USB Copy Protection USB Sescurity

How to Remotely Manage USB Flash Drives

If you store your files on a USB flash drive, you can update them and share them with others using any computer, anywhere. This is why many organizations decline to take the USB ports off their employees’ computers, even though USB flash drives are responsible for many data breaches. As long as an organization continues to allow employees to use USBs, however, these flash drives should be vigorously managed in terms of information security.

Think about an unintended data breach caused, for example, by a lost USB flash drive storing electronic personal health information. Perhaps encrypting USB flash drives can be enough to prevent unauthorized access to the data on them. Consider the Snowden Case, in which an insider maliciously moved an organization’s sensitive data to a USB flash drive in order to hand it over to an improper person. To avoid such cases, you must adopt copy-protected USB flash drives that allow an administrator to manage users’ rights for copy, network transfer, print, and screen capture.

Secudrive USB Management Server makes it possible for an organization to remotely manage scattered USB flash drives to prevent data leakage, either as a result of employees’ malicious intentions or by mistake. Its major features are as follows:

  • Asset management: USB flash drives can be registered. All information on flash drives, such as the USB type, user, group, security policy, and serial number, can be viewed.
  • Password management: It is possible to set rules for passwords, including minimum length, a minimum number of digits and upper-case letters, and maximum failed trials. Flash drives can be locked, and data in them can be destroyed when the maximum number of trials is exceeded.
  • Usage management: A USB flash drive can be used only with pre-authorized computers. It is possible to manage usage expiration date, a maximum number of logins, a maximum idle time before log out, usage policy when offline, and other settings.
  • Digital rights management(DRM): It is possible to manage users’ rights to copy, print, screen capture, and network transfer. Compatible applications and accessible networks (IP, port, and URL) can be whitelisted. It is possible to prevent the creation of autorun.inf.
  • File management: Maximum file activity log size can be set. Files imported from and exported to other devices can be encrypted and backed up. Files with particular extensions can be blocked or allowed. Files can be distributed to USB flash drives remotely.
  • Log management: It is possible to monitor detailed usage logs such as IP access, access time, and file activities (create, view, modify, save, copy, print, network transfer, screen capture, and delete).

Secudrive USB Management Server is compatible with Secudrive USB Basic+, Secudrive USB Office+, and Secudrive USB CAD+. Secudrive USB Basic+ is a hardware-encrypted USB flash drive with an encryption chip that does not support DRM-related features. Secudrive USB Office+ and Secudrive USB CAD+ are also hardware-encrypted USB flash drives to which DRM features have been added. Secudrive USB Office+ prevents data leakage from business files such as Microsoft Office files, whereas Secudrive USB CAD+ does the same for CAD files such as those from AutoCAD and CATIA.

Organizations have their reasons for using USB flash drives. Secudrive USB Management Server makes it possible to remotely manage them to prevent data breaches of every kind.

Categories
Blog USB Copy Protection

Updating Content on USB Flash Drives After Distribution

CD/DVD is still one of the most popular mediums for content distribution because it is cheap, convenient to produce and easy to handle and deliver for content producers. In comparison to streaming and download services, a CD/DVD does not require an authentication process through e-mail or an internet connection. This technology makes it so that only people who own the physical CD/DVDs can access their content.

However, if the content on a CD or DVD needs to be regularly (or irregularly) modified, CD/DVD is not a good medium for content distribution because you will have to redistribute a new CD/DVD every time the content is changed. You should prepare new physical CDs/DVDs again, burn new content to them and redeliver them to hundreds or thousands of users. That is time consuming and may cost a lot of money. In addition, if you have to keep integrity of data, you’ll have trouble of ensuring that only the newest content is used by recipients after each redistribution.

A streaming/downloading service is also not a good option if (a) internet connection is not guaranteed among users, (b) the file size is large and/or there is not enough network bandwidth to properly deliver it to users, (c) the content is so sensitive that producers need to mitigate the risk of unauthorized access (d) users may not be familiar enough with the Internet-service environment to use a streaming or downloading service.

In any case, Secudrive USB Copy Protection is an effective alternative.

Secudrive USB Copy Protection makes it possible for media producers to set up a URL for clients to download updated content that was previously distributed on a USB flash drive. If you have to update content after the first distribution Secudrive USB Copy Protection makes it so that you only have to upload the new content to a folder and then register the content folder. Secudrive USB Copy Protection automatically compares the content to the original and creates a kind of encrypted .zip file. After you upload this updated file, it is downloaded and updated automatically when you plug the original USB flash into any PC connected to the Internet. Because only the modified files are updated in this situation, Network traffic is minimized

Furthermore, this system makes it so that specific USB flash drives can be prohibited from using the content, or specific USB flash drives can be completely wiped remotely using the update feature. You can also check whether or not a specific user has updated the content.

The bottom line is that Secudrive USB Copy Protection is a copy-protection solution that distributes content through USB flash drives. It can set password access, block access or wipe all the content on a USB flash drive if an incorrect password is used a certain number of times. You can set an allowable period of time in which users can access the content on the flash drives or specify a maximum number of logins. In addition, it allows you to white-list which applications users can access, and you can prevent printing, screen capture, network transfer or copying of the content on the USB flash drives. All these features make Secudrive USB Copy Protection an ideal solution for those needing to exercise maximum control over distributed content.

Categories
Blog Insider threats USB Copy Protection USB Sescurity

Is Your ‘Secure’ USB Flash Drive Secure Enough to Prevent Insider Threats?

Concern about insider threats has been increasing in organizations. Because insiders usually know which information is sensitive for the organization, where the information is, and how to gain access to it, data breaches by insiders such as employees, former employees, contractors, and business associates are more critical than those by outsiders.

A data breach can occur when an insider loses a laptop or sends an email attachment with sensitive documents to the wrong person by mistake. However, an organization can be severely damaged when a malicious insider intentionally targets sensitive information for reasons such as espionage or selling. Insiders can gain access to and deliver information with relative ease.

In 2009, the FBI announced that former Boeing engineer Greg Chung delivered secure documents valued at $2B relating to aerospace technology to the Chinese aerospace industry as a contribution to his homeland over the 30 years he worked for Boeing. This case shows that data breaches by insiders cannot be detected for a long time. Data breaches by insiders, about which we sometimes see news reports, might be only a small part of undetected insider threats.

Some suggest that non-disclosure agreements can keep employees away from wrong-doing or trusting employees is better than adopting security solutions that decrease work efficiency. However, once data breaches occur, they cannot be easily recovered by lawsuits. Thus, prevention is best.

Many solutions have been introduced to prevent insider threats. Data Loss Prevention (DLP) solutions analyze data packets to check if sensitive information is transferred through the network and detect sensitive information containing specific keywords saved in PCs. Enterprise Data Right Management (E-DRM) solutions encrypt transferring files and manage users’ rights to copy, print, and screen-capture files. Finally, insider threat prevention solutions analyze abnormal behaviors of insiders with data and monitor the possibility of threats.

Meanwhile, USB flash drives are still allowed for unavoidable reasons in many organizations. Security-sensitive organizations have introduced so-called ‘secure’ USB flash drives. These enable a user to gain access to encrypted data on the USB flash drive only with the proper password, and they can protect data breaches even when the USB flash drive is lost or stolen. The U.S. governmental organizations are required to adopt hardware-encrypted, secure USB flash drives that comply with Federal Information Processing Standard (FIPS).

However, how can we handle a malicious insider with a USB flash drive? What if a malicious insider puts sensitive information onto an encrypted ‘secure’ USB flash drives., carries it out of office, decrypts the data, and sells it to competitors?

When it comes to malicious insiders, a copy-protected USB flash drive should be used instead of a general, secure USB flash drive by organizations. A copy-protected USB flash drive makes it possible for a user to gain an access to the encrypted data only with the proper password just like an encrypted USB flash drive. Furthermore, an administrator is able to restrict a user’s right to copy, print, screen-capture, and network-transfer files on the USB flash drive. Also, what a user does with files on the USB flash drive is monitored through the internet. There are two types of copy-protected USB flash drives for the purpose of 1) business, for office files and CAD files, and 2) content distribution, for multimedia files. The first can be used mainly for preventing insider threats.

Think about it!

For example, if you adopt an encrypted USB flash drive in your hospital and a staff member deliver one of the encrypted, ‘secure’ USB flash drives containing Personal Health Information (PHI) along with the password to an unauthorized person, can you be assured that the ‘secure’ USB flash drive prevented a Health Insurance Portability and Accountability Act (HIPAA) breach?

Categories
Blog NEWS Press Release USB Copy Protection

Secudrive USB Copy Protection 3.1, an advanced USB copy protection solution for enterprises, released.

SAN JOSE, Calif., Apr. 4, 2017 – Brainzsquare announced its release of Secudrive USB Copy Protection 3.1, an advanced USB copy protection solution for enterprises.

Secudrive USB Copy Protection 3.1 focuses on securely distributing and sharing sensitive data relating to marketing, product development, and finance via a USB flash drive while preventing unauthorized copying.

Secudrive USB Copy Protection 3.1 is compatible with content that runs on MS Office, CAD, and custom applications, as well as multimedia and PDF-type documents supported by existing USB copy protection solutions. All functions of the applications are available while preventing unauthorized copying, printing, screen capturing, and network transferring. For example, a user can rotate a 3-dimensional drawing in AutoCAD, move to another sheet, and refer to a function cell in MS Excel, view an animation in MS Presentation, or read hidden comments in MS Word.

Secudrive USB Copy Protection 3.1 also works with complicated content consisting of multiple files. For example, an execution file refers to a database and requires multiple files to run. With Secudrive USB Copy Protection 3.1, the files can be distributed as a set while copy protection features are maintained.

Moreover, content can be updated after distribution. When a user plugs a USB flash drive into a PC, a built-in program automatically checks if anything needs to be added or changed and then updates content accordingly. The remote update feature can significantly reduce enterprises’ shipping costs for re-delivery of physical devices with new content.

Finally, the manager software can be installed on multiple PCs to enable mass production for situations where customers distribute content to thousands of branches or partners. Each PC with the manager software and the USB hubs can simultaneously produce up to 22 distributed USB flash drives without any USB duplicator.

“Customers can distribute the original files with Secudrive USB Copy Protection 3.1 while modifying the original file formats to PDF-types with existing solutions. When you distribute an MS Excel file or an AutoCAD 3-dimensional file, you can easily understand the distinction between the two if you compare what you use the original with what you only view PDF-style still image file. Secudrive USB Copy Protection 3.1 could be the most effective and secure solution for enterprises to distribute and share complicated and sensitive data,” said Simon Kang, CEO of Brainzsquare.

Categories
Blog USB Copy Protection USB Sescurity

Three advantages of USB copy protection

There are three ways to distribute content that has copyright or intellectual property: CD/DVD distribution, USB flash drive distribution, and downloading or streaming through the network.

CD/DVD has been the most popular content distribution media so far because it is relatively cheaper than any other media and good for mass production. CD/DVD has relatively smaller capacity than other media, so it cannot be used for larger multimedia files. CD/DVD should be used for read-only or play-only content since customers cannot to write onto a CD/DVD after distribution. Since laptops no longer have built-in CD/DVD drives, the CD/DVD is disappearing. That is another reason that other means are being substituted for CD/DVD

Downloading or streaming through a network is currently the best means for content distribution. We download a game, music, and movie file from the online marketplaces of Google, Apple, Amazon, Netflix, etc. As long as customers pay for the content, they are generally able to use it anywhere with any device such as a smartphone, tablet, and PC. Downloading or streaming is cost-effective because it doesn’t need a physical medium for content distribution. However, there are certain disadvantages since the content can be shared with those who know the buyer’s account. Downloading and streaming is mostly used for the distribution of multimedia content, games, and software. Large files are not a problem as long as the network bandwidth can accommodate them. Adding and changing content after distribution is also easily done through the network; however, content might not be reachable when offline.

A USB flash drive is also used for content distribution and recognized as the best medium for large files. A USB flash drive enables a two-factor authentication: an authorized user has to have a USB flash drive as physical evidence, as well as a login/password to view content stored on the drive. Thus, a user is prevented from sharing content with an unauthorized person by sharing login information only. Existing USB copy-protection solutions have utilized only the two advantages: the high capacity and the two-factor authentication.

However, a USB flash drive as a medium has another big advantage: we can write on it. If we think about it, a USB flash drive is an ideal way for read/write content. A user can manipulate or edit the distributed content. In other words, we can utilize a USB flash drive just like a hard disk drive in which all functions of the applications supporting the original content are available as long as copy protection works during utilization. For example, we can rotate and check a 3-dimensional object in a CAD program, jump to the other sheet or refer to a function in a cell in a MS Excel file, view animations in a MS Presentation file, or refer to hidden comments in a MS Word file. A USB flash drive is also okay for complicated content with multiple files, such as the content that contains an execution file and multiple files, including a database to which the execution file refers. You do not need to think about changing the format or style from the original content before distribution. Finally, when content needs to be added or changed, the content can be downloaded and updated onto a USB flash drive through the network.

Only Secudrive USB Copy Protection maximizes read/write features of USB flash drives as a medium for content distribution in this industry. If you need to distribute large, confidential marketing or technical material to your branches and partners, Secudrive USB Copy Protection is the best in terms of production, delivery, cost, and security.

Categories
Blog USB Copy Protection USB Sescurity

Security Levels of USB Copy Protection Solutions and Their Use

USB copy protection solutions prevent users from unauthorized distribution of content stored on a USB flash drive. However, it is not hard to find unauthorized distributed multimedia files via the internet, despite having been originally made using CD/DVD copy protection solutions. Clearly, some copy protection solutions cannot fully protect content against sophisticated digital piracy, and the solutions have different security levels according to the difficulty of creating the unauthorized copy. Therefore, the copy protection solution should be carefully chosen according to the nature of distributed content and how much damage the unauthorized copy can give to a business. In other words, you do not need to use expensive copy protection solutions for protecting content that is not as valuable to a malicious user, while you must use expensive solutions for protecting valuable corporate information.

Using a custom file explorer is one of the simplest ways to accomplish copy protection. Distributed files are located in a virtual drive, and a user can access and view the files only through the custom file explorer. To prohibit unauthorized copying, the menu for copy and print can be disabled in the explorer. These kinds of solutions are relatively cheap and consist of simple features. There is not the concept of ‘master content’, which is necessary for mass distribution. A user should put the content onto a USB flash drive one-by-one to make distributed USB flash drives. You should verify the security level of these kinds of solutions in the following three ways:

First, after plugging the USB flash drive containing content into a PC, open a command window with the administrator’s privilege and see if you can view the name and location of the file. If the file is hidden in a virtual drive, it can be easily copied by the ‘copy’ command in the command window. If the file or the header of it is encrypted, you can easily copy it, too, but the copied file is useless without the custom file explorer.

However, even in the above case, these kinds of solutions have a crucial disadvantage in which the content can be easily copied by a USB duplicator using sector-by-sector cloning. Therefore, you have to choose the solution that requires USB flash drives with serial numbers, which prevents sector-by-sector cloning by allowing only one unique distributed content for only one unique USB flash drive according to its serial number. Then, even if the USB flash drive is sector-by-sector cloned, it cannot work because the serial number of the new USB flash drive is different from the original.

Finally, there are other ways besides copy and print to duplicate original content. For example, in MS Word, you have to check if you can use transfer as a PDF or save to web. It is somewhat hard to control by using a custom file explorer, so the option might be available for unauthorized copy.

The second popular way for copy protection is using a custom file viewer. This solution offers a custom file viewer to access and view encrypted content, which is transformed as a PDF-like format. A USB flash drive stores the viewer and encrypted content. These kinds of solutions generally go with their own exclusive USB flash drives, which have serial numbers so that they can be safe from sector-by-sector cloning. There is not the concept of ‘master content’ for mass production and distribution and recognized as a relatively secure way of using software encryption to distribute a simple file.

The third way controls the functions of applications at the OS kernel level for copy protection. A USB flash drive stores the security policy for a user and the encrypted files to distribute. When the user puts the USB flash drive into a PC to view the files, an agent is installed on the PC that controls the user’s rights according to the security policy saved in the USB flash drive. In this method, all the original functions of the applications can be available, while copy, print, screen capture, and network transfer can be controlled according to the security policy. The file encryption and decryption process happen quickly during the application. It is proper to distribute complicated content which is consist of multiple files. Only Secudrive USB Copy Protection adopts this method. It requires a USB flash drive with its own unique serial number. It has the concept of ‘master content’ for mass production and distribution. It can update files after distribution. It is appropriate to distribute sensitive content, which can be used just like the original with hundreds or thousands of branches or partners in the enterprise. It is recognized as a relatively secure way using software encryption.

Meanwhile, Secudrive USB Office and CAD adopts hardware encryption using an encryption chip equipped in the USB flash drive, so that it can be perfectly suitable for distributing and sharing of sensitive corporate information through USB flash drives. Since the federal government and agencies are recommending using hardware-encrypted USB flash drives, it is certainly recognized as the most secure. In addition, it is possible to freely edit MS Office files containing sensitive management information and CAD files, such as AutoCAD and CATIA containing new product drawings, under copy-protection features. Moreover, the file activity in the USB flash drive can be monitored in real time through the internet. When offline, the logs are stored in the secure area on the USB flash drive, and they can be seen when the network is connected. When the USB flash drive is lost or stolen, the data on it can be destroyed through the internet. It will be useful when sharing proprietary information in small or medium groups. Of course, it is the most expensive.

Categories
Blog USB Copy Protection

Two Ways of USB Copy Protection for Office Files

Traditionally, “copy protection” has been used to describe a technology to keep copyright of an audio/video file or software program from unauthorized copying when distributing it to mass customers. The media for distribution has mostly been a CD/DVD, a one-way medium, which is only for playing once the content is stored in it. However, a USB flash drive has also been used for copy-protection media due to high capacity and portability because of the appearance of high-density video files these days. It is possible to read/write to a USB flash drive so that there could be more possibility to implement copy-protection technology and more types of content could be distributed with more varied ways according to different purposes. Recently, Office files such as Microsoft Word, Excel and PPT have also been commonly distributed to share confidential information with coworkers out of the organization as well as employees in the organization. So, copy protection is not only for audio/video file or software program distribution anymore.

Office files that are distributed through a USB flash drive are mostly related to organizational secrets such as manuals and marketing materials so that its security should be more crucial than that of any other content. When it comes to a breach of that kind of content, it doesn’t simply mean just leakage of copyright but might negatively affect overall aspects of business, including the immediate collapse of organizational reputation. Customers feel a big difference according to which copy-protection technology is applied to handle Office files, while they rarely feel the difference even if copy-protection solutions use different technologies to handle audio/video file or software program. Therefore, the solution should be carefully chosen according to the nature of the distributed Office files.

First, most USB copy-protection solutions generally change an Office file into a PDF format file and encrypt it. Then, they make it possible to view the file through their own exclusive viewer. The nature of the PDF format is just like a still image so that the original dynamic features of MS Office, such as “comment” of MS Word, “animation” of MS Presentation and “function” of MS Excel, which are very useful to explain the multilevel meaning of content, are unavailable. According to preset users’ rights, an exclusive viewer enables or disables users’ rights such as copy, print and screen capture. This is the most common type to accomplish copy protection with MS Office file types.

Second, a new type directly controls functions of applications at the OS kernel level for copy protection. A USB flash drive stores the security policy for a user and encrypted files to distribute. When the user puts the USB flash drive into a PC to view the files, an agent is installed on the PC and then it controls the user’s rights according to the security policy saved in the USB flash drive. In this type, all original functions of MS Office can be available, while copy, print, screen capture and network transfer can be controlled according to the security policy. A user can edit, see comments in a Word file, watch PPT animation, move to different sheets and refer to a function in an Excel file. The original dynamic MS Office file without any transformation can be distributed and users can utilize all functions under tight control. The quality of the content could be kept the same as the original so that the contributor doesn’t have to think of additional things to do to distribute anymore.

Secudrive USB Copy Protection is the only solution that adopts the second method. Secudrive USB Copy Protection is a more advanced solution for the enterprise to distribute Office files containing corporate secrets to specific partners and employees, whether or not they are in the organization, while the general USB copy-protection solutions using their own exclusive viewer are for distributing read-only Office files to the general public.