USB DATA SECURITY

How to improve your USB data security?

In this year's CES Samsung showed off its 2TB T3 portable SSD drive (following on from the T1). This solid state drive with its massive storage capability, fast read/write speeds and form factor that is smaller than the average business card (weighing just 51 grams), means that mass storage just became even more portable.

Having the ability to store this quantity of data presents a major benefit for all businesses, but also a challenge when it comes to data security. With easy storage and portability comes a responsibility to ensure sensitive business data that can be placed on portable devices like the T3 is safe and secure.

Thankfully the T3 comes with AES 256-bit hardware encryption that is compatible with all major operating systems. Unfortunately, many businesses still fail to have a robust data security management system in place that ensures protocols are followed to protect sensitive information.

As there are a number of USB devices out there with differing levels of protection, the question is which one of these devices should your business trust with its precious data? The main suppliers to pay attention to are:

* Kingston Digital (IronKey Products)
* Verbatim
* SanDisk
* Kanguru

All of these vendors offer a range of USB storage drives with varying levels of storage capacity and data encryption. The latest DataTraveller 2000 drive from Kingston features 256-bit encryption and a keypad for a PIN number (pictured top), which includes technology licensed from ClevX that offers high levels of virus protection.


Protecting data
For businesses there are basically three ways to protect the data that is stored and transported on a USB drive or portable hard drive.

1. Encrypt the data before storage
The first line of defence is to encrypt data before it is saved to the USB device. Systems such as Privacy Drive and Kruptos 2 are desktop services which do this.

This adds a responsibility to use the application to encrypt the data, and of course the application needs to be installed on all devices that the USB drive could be used with in order to decipher the data when it needs to be read. However, this can give your business peace of mind when sensitive data needs to be transported.

2. Encrypt data on the USB drive
The vast majority of the secure USB drives available will have encryption services built in. When the drive is used and data copied to it, the encryption automatically takes place.

This ensures a level of security for your data is always present, but this doesn't protect against malware, for example, which is notorious for using USB drives to spread to other PCs. Your business should have scanning software which automatically checks any external devices that connect to your business network for viruses or malware.

3. Encryption with hardware
Using a hardware solution to protect the data stored on the USB drive is also possible. In the past fingerprint scanning devices have been built into the drives, but today these have largely disappeared in favour of a keypad for a PIN number. As already mentioned, the leader here is the DataTraveller 2000 from Kingston.



Smartphones and tablets

Portable data also means smartphones and tablets. As these devices have become essential business machines, they are increasingly being used with sensitive data. USB drives are now available that use the micro-USB port of Android phones and there's the JetDrive Go 300 for iOS devices that offers 32GB and 64GB of storage.

With these devices, it is important to ensure sensitive documents are stored securely before they are transferred to the drives, with applications such as USB Guardian or USB Immunizer.

The level of encryption that can be used with a USB drive varies depending on the level of protection your business needs. You will see encryption stated as using AES (Advanced Encryption Standard) which is the industry standard. Along with AES a number will be quoted. This is usually either 128 or 256, although 256 is now pretty much the default with current USB drives. The number is how many bits the key has to encrypt and unlock the data. The higher the number, the more difficult it becomes to crack the key.

Six key stepsWhere USB drives are concerned, your security policy should include the following steps:

1. That no personal drives should be connected to any of your business computer systems or network, as this could infect your systems with viruses or malware.

2. Only USB drives secured from your IT department should be used. These should all be tracked to ensure your business knows at any given time who is using which drive and for what purpose.

3. All data that is transferred to a USB drive should be encrypted to 256-bit AES standards. Ensure that the encryption process is automatic to avoid this being forgotten and the copied data becoming vulnerable. Also, use hardware encryption and not just software encryption to give maximum protection.

4. Data that is transferred to a USB drive should be backed up to ensure that if lost or damaged, the copied data can be recovered.