Although physical theft or accidental loss of the device still has the potential to create a major inconvenience,...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
the self-deleting feature is a good defense against physical theft of the device. The mechanism allows the device to erase all the data stored on it in the event of repeated attempts to access the data using the wrong password, which provides a lot of peace of mind when a device containing sensitive data goes missing. The feature, however, does underline the need for frequent backups.
Beyond combating simple physical theft, properly armored USB devices can defeat attempts to beat their encryption through physical access to the chips. And devices that contain their own keys have the potential to defeat attempts to capture keys from system memory. Note that the operative word here is "potential." I have not had a chance to conduct a thorough review of these devices, and so I can't say that they implement their encryption schemes in a foolproof manner. That's why I recommend that enterprises investigate them further before adopting.
Some of these devices are also sold with an online component to enable secure communications and backup of data and keys, as well as provide malware protection. Again, this sounds like a sensible approach, but real-world implementations would need to be tested before betting the security of your enterprise's data on them. And, of course, these devices are no defense against a user who is prepared to be dishonest and sell your data to a competitor. For example, I don't see anything in the default configuration of these devices to stop a user handing the encrypted drive to a stranger who then plugs it into his or her laptop, enters the whispered password and copies the targeted data.
Implementing this technology in an enterprise may hit practical limits in the area of price and capacity. I just checked the space used by what I consider essential content on my laptop, and it takes up more than 40 GB. That number does not include my 30 GB MP3 collection, but does include a fairly large photo collection that I could conceivably exclude from "essential work files." That means a 32 GB flash drive might work for me, and encrypted drives of this capacity are now available, although you pay a premium for high capacity. On the other hand, my work these days includes some storage-intensive video editing, so I might not be a typical enterprise user. The bottom line is that prices of these devices will continue to fall over time and capacities will increase, so they may fall into line with enterprise economics at some point in the not-too-distant future. Conducting an in-house trial of the technology before then may be the smart thing to do.
Dig Deeper on Disk Encryption and File Encryption
Related Q&A from Michael Cobb
The TLS protocol has fallen on hard times, but expert Michael Cobb explains how client puzzles can help fix some of the problems.continue reading
Microsoft's Wi-Fi Sense for Windows 10 can share encrypted passwords for Wi-Fi networks, but is it safe? Expert Michael Cobb has the answer.continue reading
Several security vendors and providers have been hacked over the last year. Expert Michael Cobb explains how enterprises should prepare for a vendor ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.