Let’s be honest; data security is a boring subject that no one wants to discuss. Most people don’t want to think about data security until they lose some important or sensitive data and end up facing the wrath of angry customers or even the possibility of prosecution by a data protection regulator. Then the subject becomes incredibly important, but it’s usually too late.
The best way to avoid data loss is to protect the data correctly in the first place by employing proper cybersecurity protocols. But what about data stored on removable devices that physically leave the office? How does a company go about protecting data in those circumstances?
Over the years, there have been some real horror stories about how government departments and businesses have lost precious or sensitive data because an employee carelessly left a USB stick, a CD or a hard drive on a bus or taxi. Such lapses are not only embarrassing, but they can also be incredibly costly. Ensuring that removable storage devices are sufficiently protected is the only way to ensure that sensitive data remains secure.
Kingston Data has been making removable storage in the form of portable drives since 1987, when John Tu and David Sun saw an opportunity in the technology space. In 2016, the company saw another opportunity for removable storage with a cast-iron level of security that couldn’t be broken if anyone should find a storage device that had been lost or mislaid. So Kingston purchased IronKey, a company known for developing encryption solutions for the U.S. Government and military. As a result, Kingston IronKey branded hardware-encrypted drives are some of the best-known ultra-secure drives on the market.
This month I’ve been testing out a couple of Kingston’s new IronKey ultra-secure storage devices to see how effective and, perhaps more importantly, how usable they are in day-to-day use. I tried out the Kingston IronKey Vault Privacy 50 USB Drive and the IronKey Vault Privacy 80ES, a hardware-encrypted SSD with a built-in touchscreen for unlocking the drive by entering a passphrase.
The VP50 USB drive is available in sizes of 8GB to 256GB, which should be more than large enough for storing lots of documents and large spreadsheets. In addition, the drives are sufficiently affordable that they can be given to any employee who needs to take data out of the office, whether because they work at home or travel on business. The IronKey Vault Privacy 80ES SSD drives are available in capacities of 480GB, 960GB and 1920GB.
The neat little VP50 USB drive looks much like any standard USB thumb drive but comes preformatted and loaded with software that can be run off the drive with macOS and Windows computers without installing any software. The solution is self-contained. Just plug it in like any external drive, click on the IronKey icon, and enter the passphrase to unlock the data.
The Kingston Ironkey Vault Privacy 50 USB Drive provides business-grade security with FIPS 197-certified AES 256-bit hardware encryption in XTS mode. It has safeguards against BadUSB with digitally signed firmware and protects against Brute Force password attacks. The VP50 series can have a user, admin and one-time passphrase. Because the data is hardware encrypted, the VP50 series of drives can often be a better solution than using internet and Cloud services for safeguarding data.
When designing the IronKey VP80ES External SSD and VP50 USB drive, Kingston realized that a keypad drive, whether physical buttons or a touch screen (like the one on the VP80ES) could potentially be hacked by analyzing fingerprint traces on the keys. The VP80ES SSD has a Key Randomizer feature turned on by default to counteract this by scrambling the digits and rows of alphabet keys every time the user logs in. Because of this continuous jumbling, a Mission Impossible-style of attack by analyzing fingerprint smudges is impossible.
The Vault Privacy 50 USB drive supports multiple passwords (Admin, User and One-Time Recovery) using passphrase modes. This approach enhances the chances of recovering data if one of the passwords is forgotten. The use of passphrases means the user can secure their data using a numeric PIN, a memorable sentence, a list of words or even the lyrics from a song, just so long as they are between 10 to 64 characters in length.
The Admin function can be used to enable a User and a One-Time Recovery password. It can also reset the User password to restore data access. And to make it easier to type in the passphrase, the user can click on an “eye” symbol in the Ironkey software, which shows the characters as they’re being typed in, reducing the chance of any typos that might cause a failed login attempt. Brute Force attack protection will lock out User or One-Time Recovery passwords after 10 invalid attempts in a row. Then the drive will be crypto erased if the Admin password is also entered incorrectly 10 times in a row.
To protect the stored data against any potential malware installed on an untrusted host computer that the drives are used with, both Admin and User can set to Read-Only mode to write-protect the drive. A built-in virtual keyboard also shields password entry from any keyloggers or screenloggers that may be installed on the computer.
Both of the Kingston IronKey drives are FIPS 197-certified and TAA compliant. In addition, users can customize and configure the VP50 USB series drives with a Product ID (PID) for integrating them with standard Endpoint Management software to meet corporate IT and cybersecurity requirements through Kingston’s Customisation Programme.
Small businesses can use the Admin role to locally manage removable drives by configuring or resetting User or One-Time Recovery passwords. The Admin function can also recover data access on locked drives and complies with laws and regulations when forensics is required.
Verdict: The Kingston IronKey secure drives are essential if your company or employees handle sensitive data offsite. The Kingston IronKey USB VP50 drives are sufficiently affordable and small enough for widespread use. If they are mislaid, there’s no chance of the data being accessed, even by a cybersecurity expert or hacker. The VP80ES External SSD is an ideal solution for anyone who needs to store large amounts of data securely and where faster read and write times are essential. The VP80ES is incredibly rugged, and its built-in touchscreen makes entering passphrases easy because there’s no need to run any software; everything is built into the drive. If you handle sensitive data offsite where there’s no physical security, the Kingston IronKey range is essential and could avoid a lot of hassle. The drives may be more expensive than insecure drives. Still, the small extra cost pales into insignificance compared to the legal and regulatory problems that can arise from lost data.
Pricing & Availability: The Kingston IronKey VP50 USB drive is available from 8GB to 256GB. Prices start at £52.79 / $59.99 / €59.23. The Kingston IronKey VP80ES SSD is available in capacities ranging from 480GB to 1,920GB, starting at £289.19 / $340.99 / €330.27.
More info: www.kingston.com
Kingston IronKey VP80ES SSD
- Interface: USB 3.2 Gen 1.
- Connector: Type-C.
- Accessories: Neoprene travel case, USB 3.2 Gen 1 C-to-C cable, USB 3.2 Gen 1 C-to-A cable.
- Capacities: 480GB, 960GB, 1920GB.
- Speed: Up to 250MB/s read, 250MB/s write.
- Dimensions: 122.5 x 84.2 x 18.5mm.
- Compatibility: USB 3.0/USB 3.1/USB 3.2 Gen 1.
- Warranty: Limited 3-year warranty.
- Compatible with: Microsoft Windows, macOS, Linux, Chrome OS or any system that supports a USB mass storage device.
Kingston IronKey VP50 USB
- Hardware-encrypted USB Drive for Data Protection
- FIPS 197 Certified
- XTS-AES 256-bit Encryption
- BadUSB and Brute Force attacks prevention.
- Multi-Password Option.
- Passphrase Mode: Select between Complex or Passphrase password mode.
- Virtual keyboard to shield password entry from keyloggers and screen loggers.
- Dual Read-Only (Write-Protect) settings
- Interface: USB 3.2 Gen 1
- Capacities: 8GB, 16GB, 32GB, 64GB, 128GB, 256GB
- Connector: Type-A
- Speed: USB 3.2 Gen 1
- 8GB – 128GB: 250MB/s read, 180MB/s write
- 256GB: 230MB/s read, 150MB/s write
- USB 2.0: 8GB – 256GB: 30MB/s read; 20MB/s write.
- Dimensions: 77.9 x 21.9 x 12.0mm.
- Waterproof: Up to 4 ft; IEC 60529 IPX8.
- Operating temperature: 0°C to 60°C.
- Compatibility: USB 3.0/USB 3.1/USB 3.2 Gen 1.
- Warrant/support: Limited 5-year warranty, free technical support.
- Compatibility: Windows 11, 10, 8.1, macOS (v. 10.14.x – 12.x.x)