We’re all becoming more security conscious since a day doesn’t go by without cybercrime being a major news story somewhere in the world.
But what if the information you hold is so sensitive that it can’t ever be misplaced be or accessible to anyone outside a trusted group?
The answer, according to iStorage, is a USB drive built around a practically impenetrable hardware encryption model. It is designed to fend off brute force attacks and physical intervention while keeping whatever you put on it inaccessible to all but you.
But is it the secure drive that many need that justifies such a high price for these amounts of flash memory?
- Also check out the best portable SSD of 2019
The visual styling of the iStorage datAshur Pro² bears some similarity to a climbing piton, and it’s so robustly made that it might double as on in a pinch.
Construction mostly from anodized and ruggedized extruded aluminium, with a Zinc-alloy loop at one end, this is taking abuse resistance to an extreme.
There are two parts; a metal outer sleeve and the inner drive that fit together precisely with a rubber water seal between them when pushed together.
The only problem with the outer sleeve is that once removed, it can easily be misplaced by someone in a hurry.
Assembled it is roughly 88 mm long, 20mm wide and 14mm thick, and weighs 37 grams. Removed from the sleeve the drive is 3mm shorter and 28 grams, and has at one end a USB 3.2 Gen 1 (AKA USB 3.0) blade, although it could easily be used with USB Type-C with a suitable adapter.
Near the blade end or three LEDs of different colours, and along the body are a numeric pad and a couple of special function keys.
The purpose of the keys is to provide password unlocking of the device, as the storage inside is fully hardware AES-XTS 256bit encrypted with a Common Criteria EAL4+ ready secure microprocessor.
This chip was made to provide dedicated hardware for protection against SPA/DPA/SEMA, DEMA attacks, and uses a FIPS PUB 197 validated encryption algorithm.
It has so far achieved security validation for FIPS 140-2 Level 3 and NCSC CPA, NLNCSA BSPA & NATO Restricted validations (pending).
Given that the circuits inside are flooded with resin and cutting into the body would probably destroy the drive, the only viable access to the contents is with a valid code.
Here’s how the iStorage datAshur Pro² performed in our benchmark tests:
CrystalDiskMark: 128.8MBps (read); 115.2MBps (write)
Atto: 139.8MBps (read, 256mb); 126.3MBps (write, 256mb)
AS SSD: 131.67MBps (seq read); 119.38MBps (seq write)
When you first receive the drive you must first provide an Admin code, and then you can create user codes if the device is to be used by several people.
This isn’t a very complicated process, but it is vital that you remember the admin code since without it you can’t administrate the device.
The limitations on the codes are that it must be at least seven digits, with a maximum of fifteen, and you can't use the same number repeatedly or number runs (1,2,3, 4…).
With seven number code ranging from 0 to 9, that’s a million possibilities, although excluding the number runs and repeats reduces those possibilities slightly.
If a user pin is entered wrongly ten times then only the admin pin can recreate it, and if the admin pin is entered wrongly ten times whatever is on the drive will never be accessible ever again. The drive can be reset and used again, but the contents is lost.
That solves the issue of it falling into the wrong hands, but does so by providing the thief with the means to delete the contents and sell the drive to another person.
If what is stored on the drive is important, having a way to erase it without knowing any codes does appear a mild oversight.
What’s also slightly unexpected about the iStorage datAshur Pro2 is that the internal battery that allows the unit to be unlocked while it isn’t connected to a PC.
We mention this because unless you use a USB extension cable, we’d not recommend inserting it into a USB port and keying sequences into the pad.
For starters, the drive will be at 90 degrees to the key legends.
But the bigger issue is that the drive won’t be supported, and will act as a lever on the USB receptacle in the host computer.
Pressing the unlock button on the end of the drive will have that force multiplied by the length of the drive, and with repeated use could damage the port or the board it is connected.
If you unlock it away from the computer, you have thirty seconds to insert it, which should be sufficient time.
At approximately 6mm wide by 5mm high, the numeric buttons are small and to press them most adults will need to use a fingernail rather than the tip of a finger.
One obvious solution would be a software installable app that enabled the codes to be keyed at the PC, but that would offer the possibility of the codes being captured by a keylogger and open up the device to other attack avenues.
Having the keys on such a small device isn’t ideal, but it should be secure unless your codes are easily predictable or you are seen entering them.
If you like hardware encryption on your mobile storage then be prepared to pay for that privilege. The drive comes in 4,8,16,32,64,128,256 and 512GB capacities, and from the UK iStorage site, they cost £49, £69, £89, £109, £129, £169, £279 and £369 respectively.
For those curious, the larger drives offer better value, with each GB in the 4GB model costing £12.25 and every GB in the 512GB drive just 72p.
The comparative US pricing quoted on Amazon.com is $63.98, $84,$100.48, $126,$150.80, $218, $362.48 and $478.
Most of the competitor drive only offer basic AES-256bit encryption and require the unlock codes to be keyed into the computer, making them inherently less secure.
There are a few designs that have buttons for code entry, like the remarkably similar Apricorn Aegis Secure Key 3Z, but none of them offers the resilience of the iStorage datAshur Pro².
One good alternative is also from iStorage, the diskAshur Pro². Depending on the model these are either external 2.5-inch hard drives or SSDs and come in capacities up to 8TB.
The diskAshur Pro² 256GB SSD model is £159, nearly half the price of the datAshur Pro² of the same capacity, and the transfer speed is approximately three times as fast.
Compared with external SSDs, the performance of the datAshur Pro² is modest.
In our testing, it reliably achieved around 130MB/s read speed and 115MB/s write on a USB 3.1 Gen 1 port. If you only have USB 2.0 handy, you should expect speeds between 35MB/s and 40MB/s.
Even those speeds aren’t terrible, but if you have large documents to secure you might find that having USB 3.0 (AKA 3.1 Gen 1) is a necessity to get the most out of this hardware.
If you like your information to be carried in a secure form, the datAshur Pro² does that job even if we’d hardly call it frictionless security. Codes, keyboards and the memory of the typical human are all factors in how well protection like that offered by this device works.
For those who can remember the codes without writing them down, and have digits that can hit these keys, this might work very well.
However, we’d avoid keying while the drive is inserted in a computer.
The biggest issue the iStorage datAshur Pro² faces is that it doesn’t represent the same value for money as the iStorage diskAshur Pro², where the cost per GB is much better, and so is the performance.
This product is much more pocketable and more robust, but it doesn’t offer bigger capacities, and it costs much more for the available space.
When you compete with yourself you can only win might be the logic iStorage applied here.
- Looking for more durable drives? These are the best rugged hard drives of 2019