As far as data security goes, most USB flash drives are rated pretty-low. You see, security can only be strong when it's easy to use and people won't go through lots of procedures to get a half-good experience - even when data security is at risk.
One of the simplest - but yet hard to accomplish - ways of keeping data safe is by using encryption - a way to scramble data that makes it unreadable unless you know the key to decrypt it. What kind of data would you likely see encrypted? Business documents, financial disclosures, government plans, user lists just to list a few.
Take for example people who send data files as email attachments. In most cases this data is sent in the clear and there's the risk of being intercept in transit (remember, email is not a secure protocol) or simply sent to the wrong person (oh yes, you've read about this happening a few times in New Zealand). In Australia these kinds of breach can now carry a fine and in Europe the General Data Protection Regulation (GDPR) will come into force early 2018, unifying data protection for individuals within the EU.
These situations could be avoided by sending an encrypted version of the data while delivering an agreed decryption key via a different channel (face-to-face for example). But sometimes the data to be transferred is too sensitive to be sent, even encrypted, via email. In some cases the best option is to deliver the data on a storage media - but still encrypted, just in case this media falls in the wrong hands.
There are many solutions to solve this problem but most have some pitfalls. For example Microsoft's own BitLocker technology allows you to encrypt storage and allows you to read it if you know the password. But it only works on Microsoft Windows and does not a self-destruct component. Full disk encryption software may have some cross-platform components but are usually harder to use.
iStorage, a company that specialises in data security, came up with a simple to use, yet powerful and portable solution. Its datAshur range of encrypted USB flash drives is secure and allows for both end-user easy-to-use and enterprise deployments.
The datAshur USB flash drive is portable because the encryption happens on the device itself, with no need of any software to be installed on the host computer. This means that any computer - event tablets or smartphones - that can read a USB flash drive can read the contents of the datAshur Pro when it's unlocked.
The device itself has a keypad (1 - 0 and a lock key) that allows you to manage its functions as well as enter a PIN of your chosing that will be used to unlock the device. Once you unlocked the datAshur Pro you have a few seconds to insert it into a USB slot and it will be treated just like any other USB flash drive by the host computer. Remove it from the USB slot and it will automatically lock again.
Encryption and decryption is handled by the datAshur Pro itself and is only enabled when you enter the correct user PIN. If you have configured the datAshur Pro with an admin PIN then you can also determine what kind of access a normal user can have to this data - for example you can make the device read only for standard users, avoiding the risk of data being modified without authorisation.
The datAshur Pro will also detect brute force attacks (where an unauthorised user repeatedly tries entering different PIN, trying to guess the correct one). The device will automatically disabled the user PIN after ten incorrect unlock attempts, and if an admin PIN is enabled then another ten attempts, with a different PIN, will be allowed. If unsusscesful repeated attempts are detected the PIN is invalidated and the data is no longer retrievable. The PIN resets to the factory default and the device can only be used after a new partition is formatted.
The device is USB 3.0 compatible, which means ultra-fast read and write operations when plugged to a USB 3.0 slot. It comes in capacities ranging from 8GB to 64GB and it is IP57 certified (water and dust resistent) - it also comes with an aluminium sleeve to protect it even more. These flash drives can be customsied with etched logos and names.
Talking about certifications, the datAshur is FIPS 140-2 Level3 certified (Level 1 requires a cryptographic module, Level 2 requires tamper-evidence mechanisms and Level 3 requires physical restrictions on accessing the Critical Security Parameters (CSP) inside the cryptographic module). It currently is being certified for CESG CPA (Commercial Product Assurance).
The datAshur comes with a simple brochure that gives you the basics - what is the default PIN, how to change it and a couple of configurations. This will give you instant security but to go to the next level (administrator PIN, reset, etc) you can download the full manual from their website. The device respond to keypresses and you will decode the answers based on LED feedback (colours and blinks). Keep that PDF manual somewhere handy if you think you will be changing parameters frequently.
The device relies on a rechargable built-in battery that will power it while you enter the PIN and give you the LED feedback. This battery charges from USB while it's plugged in. The advice is to plug it for at least 60 minutes before first use, so that the battery is fully charged.
iStorage also offers other storage device form factors, including encrypted desktop drives and external encrypted HDD and SSD.