Product Review: GoldKey Secure USB Token

The GoldKey Secure USB Token works with Windows and Macintosh operating systems to provide a secure place to stash encryption keys for virtual disks. By keeping encryption keys on a small, removable USB token, GoldKey simplifies the task of locking away important information on laptops and encourages good security behaviors.

This article can also be found in the Premium Editorial Download: Information Security magazine: How to be successful with your security steering committee:

IT COMPLIANCE


GoldKey Secure USB Token
REVIEWED BY JOEL SNYDER

GoldKey
Price: Starts at $132 per user token

The GoldKey Secure USB Token works with Windows and Macintosh operating systems to provide a secure place to stash encryption keys for virtual disks. By keeping encryption keys on a small, removable USB token, GoldKey simplifies the task of locking away important information on laptops and encourages good security behaviors.

GoldKey takes on one of the most difficult tasks in hardware-supplemented encryption by providing a manageable hierarchy of master keys, group encryption keys, and the ability to duplicate tokens.


Performance A  

We had no problems in our tests of GoldKey USB on Windows and Mac laptops. Everything worked as advertised without any problems or bugs.

One of the main concerns about encrypted virtual hard drives is the impact on system performance. We tested a GoldKey encrypted virtual disk against one using the operating system's native encryption system (both Windows XP and Mac OS X), as well as a local laptop drive. On our ThinkPad laptop running Windows, the GoldKey disk was about 50 percent faster than a drive encrypted using Windows tools, and about the same speed as the local 7200 rpm laptop drive. On a MacBook Pro, GoldKey was 75 percent faster than the native OS X encryption, although about 60 percent slower than the local 7200 rpm laptop drive. Windows users should see little performance impact in modern laptops.


Management B+  

One of GoldKey's unique features is the ability to use group encryption keys as well as personal encryption keys. A virtual disk may be encrypted by one member of a team, with full access by other members in the same group. GoldKey provides a basic management tool that makes management of groups and group memberships easy.

GoldKey also supports master and grand master keys, as well as the ability to duplicate tokens. Together, these tools help eliminate one of the greatest fears of encrypted data: permanently losing the key. While GoldKey's mechanisms won't scale up to a Global 100 enterprise and don't integrate with the corporate directory, they are easy to use and simple enough for fairly large deployments.

However, be aware that GoldKey doesn't have any online magic to access controls. You can't remotely revoke privileges to read or write a volume from someone, and if someone loses an encrypted volume and token, and writes down the password to the token, whoever finds all three will have full access to the volume. GoldKey doesn't protect you against rogue employees, just forgetful ones.


Other Security Functions C  

While testing GoldKey, we kept hoping it would do more than it does-but it doesn't. Features such as auto-lock of laptop and encrypted drives when the token is removed are present, but they can't be centrally controlled or locked. Other common features, such as automatic timeout to require reauthentication, aren't available. While you can email around GoldKeyencrypted volumes, there is no real integration with any application other than the file system.


Verdict

While GoldKey is far from a do-everything desktop security solution, it handles the problem of key management for encrypted volumes very well.



Testing methodology: We used MacBook Pro and IBM ThinkPad X61 laptops to test the GoldKey USB key. We encrypted volumes and used them for day-to-day operations for a week. In addition, we used simple benchmark tools to compare performance of GoldKey USB, native O/S hard drive and native encrypted file systems.

This was first published in January 2009

Dig deeper on Security Resources

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close