How to improve your USB data security

Creating a sound USB data security policy for your business

How to improve your USB data security

Note: Our USB data security feature has been fully updated. This article was first published in November 2012.

At this year's CES Samsung showed off its 2TB T3 portable SSD drive (following on from the T1). This solid state drive with its massive storage capability, fast read/write speeds and form factor that is smaller than the average business card (weighing just 51 grams), means that mass storage just became even more portable.

Having the ability to store this quantity of data presents a major benefit for all businesses, but also a challenge when it comes to data security. With easy storage and portability comes a responsibility to ensure sensitive business data that can be placed on portable devices like the T3 is safe and secure.

Thankfully the T3 comes with AES 256-bit hardware encryption that is compatible with all major operating systems. Unfortunately, many businesses still fail to have a robust data security management system in place that ensures protocols are followed to protect sensitive information.

As there are a number of USB devices out there with differing levels of protection, the question is which one of these devices should your business trust with its precious data? The main suppliers to pay attention to are:

All of these vendors offer a range of USB storage drives with varying levels of storage capacity and data encryption. The latest DataTraveller 2000 drive from Kingston features 256-bit encryption and a keypad for a PIN number (pictured top), which includes technology licensed from ClevX that offers high levels of virus protection.

IronKey
Now owned by Kingston, few USB drives offer the high levels of data protection available with the IronKey range

Protecting data

For businesses there are basically three ways to protect the data that is stored and transported on a USB drive or portable hard drive.

1. Encrypt the data before storage

The first line of defence is to encrypt data before it is saved to the USB device. Systems such as Privacy Drive and Kruptos 2 are desktop services which do this.

This adds a responsibility to use the application to encrypt the data, and of course the application needs to be installed on all devices that the USB drive could be used with in order to decipher the data when it needs to be read. However, this can give your business peace of mind when sensitive data needs to be transported.

2. Encrypt data on the USB drive

The vast majority of the secure USB drives available will have encryption services built in. When the drive is used and data copied to it, the encryption automatically takes place.

This ensures a level of security for your data is always present, but this doesn't protect against malware, for example, which is notorious for using USB drives to spread to other PCs. Your business should have scanning software which automatically checks any external devices that connect to your business network for viruses or malware.

3. Encryption with hardware

Using a hardware solution to protect the data stored on the USB drive is also possible. In the past fingerprint scanning devices have been built into the drives, but today these have largely disappeared in favour of a keypad for a PIN number. As already mentioned, the leader here is the DataTraveller 2000 from Kingston.

SanDisk Android
Phone memory can now be expanded with USB drives, but don't forget to encrypt any sensitive data

Smartphones and tablets

Portable data also means smartphones and tablets. As these devices have become essential business machines, they are increasingly being used with sensitive data. USB drives are now available that use the micro-USB port of Android phones and there's the JetDrive Go 300 for iOS devices that offers 32GB and 64GB of storage.

With these devices, it is important to ensure sensitive documents are stored securely before they are transferred to the drives, with applications such as USB Guardian or USB Immunizer.

The level of encryption that can be used with a USB drive varies depending on the level of protection your business needs. You will see encryption stated as using AES (Advanced Encryption Standard) which is the industry standard. Along with AES a number will be quoted. This is usually either 128 or 256, although 256 is now pretty much the default with current USB drives. The number is how many bits the key has to encrypt and unlock the data. The higher the number, the more difficult it becomes to crack the key.