Datalocker has recently launched their DL4 FE secure storage solution, covering both a standalone device and a management platform for larger deployments. This review look at the standalone device usage and how it fits into the data security landscape. I look at what kind of problem does the Datalocker DL4 FE solves and how easy it is to use it.
Every industry has a need for security and safety postures but occasionally data needs to be moved between interested parties. The idea is always to transfer data in a secure but easy to use way.
Sharing data via email is obviously the easy way but is not the best solution. Sensitive content encryption is not a task most computer users are familiar with, causing unprotected data to traffic over the Internet until it reaches its destination - visible to servers in-between and to admins within the entities. Errors can also happen when sending data to the wrong recipients and we have seen these happen here in New Zealand quite a few times.
Some email platforms support data policies that prevent attachments from being sent outside the organisation (which doesn't help if you need to send it to external contacts) or require specific process but this is not adopted by all organisations.
Modern cloud services can help solve the "easy way" but also allow for human errors that can expose data - access control configuration errors can leave data open to the world and these exposed data buckets can easily be found through specialist search engines such as Shodan and other similar services. Cloud services can also pose a risk if it breaches data localisation policies might that restrict where in the world data can be stored.
For years we have seen encrypted external storage devices but not many managed to overcome the ease of use barrier. Devices with physical keys require users to follow a very specific sequence of keys to manage settings, change passwords and in general lack useful feedback. Other devices use programs that must run on your computer to provide for data encryption.
The Datalocker DL4 FE solves these problems. All data stored on this device is encrypted on the device itself, with hardware-based encryption using the AES 256 specification. There is no software to install on your computer and all operations are done through a menu-based colour touchscreen interface. For most users the most complicated operation will be setting up a password - it will require you to enter a new password twice for confirmation. It even comes pre-formatted with an exFAT partition so it can be used on most computers (Windows, macOS and Linux) available today without any other user interaction.
For normal operation after you first setup the password on a new device, you just have to plug the Datalocker DL4 FE into your computer (both USB-A and USB-C cables are supplied) and enter a password to unlock it. The on-screen keyboard has letters, numbers and special characters. Each time you plug the device the rows will change position onscreen to reduce the risk of someone learning your password through a smudge attack or by overlooking the finger position when entering it.
Once plugged to your computer and unlocked the Datalocker DL4 FE will appear just like any other external drive on your system. By default, the drive will automatically lock after a set timeout of 60 minutes, which can be changed.
The initial password you create is also the administrator password, allowing you to change device settings, including the already mentioned timeout, password length and complexity as well as enable a user mode, which will have its own password with no access to the settings menu.
For added security, the administrator can limit the number of failed unlock attempts and what action to take if someone tries to unlock the device too many times with the wrong password. The action options allow you to erase the content or permanently brick the device. If the second option is set it will do exactly that: if someone tries to unlock it too many times with the wrong password not only the data is erased but all encryption keys and passwords so the device is useless from that point.
Another security option is the SilentKill code, which is a fallback code that can be entered to instantly delete all data on the device, before reaching the number of wrong passwords. Just remember, once data is erased (either due to too many wrong password attempts or SilentKill), it's gone forever.
Once you enter a correct password you are shown the options to either connect to your computer as a drive, access the settings menu or change language. All menu options and messages are localised to To change between user and administrator modes you have to unplug the device and plug it back in so it restarts.
In terms of physical security, the Datalocker DL4 FE comes with a Kensington Security Slot and its body is also constructed in a way to be tamper-proof. The device is currently undergoing FIPS 140-2 Level 3 certification with the National Institute of Standards and Technology (NIST).
The Datalocker DL4 FE is of similar size to other 2.5" external drives, measuring 12.3 cm x 7.7 cm x 2.1 cm and weighing 294 g.
Storage capacity will depend on the model you purchased but include SSD (1 TB, 2 TB, 4 TB, 7.6 TB and 15.3 TB) and HDD (500 GB, 1 TB and 2 TB) options. The model I received for testing is the 1 TB SSD and speeds were pretty impressive for an external device, with CrystalDiskMark showing bot sequential read and writes in excess of 200 MB/s.
The Datalocker DL4 FE is one level beyond other devices, thanks to its ease of use (the touchscreen helps a lot) and performance.
