Études de cas
Kettering Borough Council turned to iStorage to find an ideal solution which would enable the council to effectively store their constituents’ personal data securely, enabling them to fulfil their promise to protect the needs of their constituents as well as meeting vital GDPR regulation laws. After considering two possible vendors for the purchase of encrypted flash-drives, Kettering Borough Council concluded that iStorage would be the vendor of choice. When prompted on how the council came to this conclusion, IT Analyst Phil stated: “When considering which option would be best for our needs, we found that iStorage seemed to have the best product in the market for what we wanted to achieve.”
As promised, securely packed in its Travel Pouch, nestling in a display box within a sturdy cardboard sleeve. Certainly, the specifications are impressive – offering real-time 256-bit AES hardware encryption – but how does it stack up in practice? Is there a trade-off between security and functionality? The device, housed in a smart soft-feel black enclosure, looks very professional. The large, clear keyboard has a positive “click” action and one immediately wants to explore and find out what is special about it. (Perhaps that’s not good for a security device – maybe it should look scruffy and unloved? It might then be ignored by a potential thief!) The USB cable is neatly enclosed in the side of the unit so I plugged it into my Dell 1750 laptop running 64-bit Windows 7, the drive powered up and a red led illuminated. Now what? For once in my life I had to read the Quick Start Guide! As soon as I entered the default PIN number, the LED turned green and I was able to access the drive, where I found a concise and well-written User’s Manual. My first task was to change the default PIN number for the Administrator and create a new User for myself. This was perfectly straightforward and took only a few moments. I noted that it is possible to set up ten separate Users for collaborative use, each with their own 6-16 digit PIN. I’m not sure that I would allow a number of people to hold their own data on “my” disk but I can see that this feature would be useful to collate e.g. project data or to enable someone to act as a carrier pigeon, securely transporting large volumes of data without being able to read it in transit. The diskGenie could also be loaded with portable applications which would enable the user to PROcess on any available machine. The large capacity of the diskGenie means that it can hold reference material as well as working documents – music and pictures. Just a word of warning, the User Manual does recommend that you log-off from diskGenie before the host PC is hibernated. As a Security Consultant, moving around the country on assignments, I must be able to back up and, if necessary, recover my data whenever and wherever I am. My work is of a confidential nature and there is no way I can risk it falling into the wrong hands – or being unreadable when I really need it. Also, I have no wish to carry more luggage than I need. The diskGenie fits the bill admirably. My only criticism is that diskGenie has not yet been apPROved to carry documents with a UK Government PROtective marking which sometimes limits its use for me. So, how do I use diskGenie in practice? Well, I take a full backup every week or so and lock it away securely. Every day, I synchronise my laptop and save the latest versions of my work to diskGenie. With hardware encryption, the disk is fast, and these incremental backups do not take long to do. I also took advantage of the large capacity of diskGenie to save an image of my operating system and reference material. Now, wherever I am, if my laptop disk crashes, I can replace it, restore from disk Genie, and I’m back in business with the minimum of pain. Alternatively, I can borrow a computer, attach the diskGenie and carry on working, using the portable apps if I choose. Do I worry that diskGenie might let me down? Well, nothing’s infallible but the 16-point omni-directional shock mounting system sure helps! And, if it goes missing, I know I can rely on the 256-bit AES hardware encryption.
If for whatever reason you require hardware-encrypted portable storage this is an excellent option – no software required and works with any OS/device that supports USB 2.0 Mass Storage. Having used Ironkeys before – where you need to run on-board software to authenticate and access the encrypted storage – I can say that diskG* is much better – you can even boot from it and there is no risk of *any* software intercepting your access code as it is entered directly into the drive.
A neat little drive. The square and industrial design is a matter of taste and certainly contrasts with other brands. Personally I like it. Of course, for a portable drive the real value is in it’s usability, and that’s where the diskG* shines! I used to have small, cheap 1TB drives from Samsung and Toshiba and I loved them – silent, no fuss and really small. But a burglary at home, where laptops and all external data backups disappeared, drove home the need for encryption. Although I don’t store anything that I wouldn’t share with my friends, I did have quite a lot of documents on those drives though which would potentially make things really easy for an identity thief – Identity theft being a PROblem not exactly unheard of these days! And with each person currently having to manage up to a 150 user ID-password combinations, where do you keep track of all of them…? Split between paper-based and electronic locations …Someone putting his mind to finding sensitive information and taking the time to browse through the folders on my drives and the laptops could also have found enough hints and information to greatly simplify his attempts at breaking into some of my user accounts, in particular in combination with all the paperwork that was stolen at the same time. Now, it might just be paranoia and possibly the thieves were just after the hardware to sell on. But you never know who then buys the drives and for what purpose. Since then, I have bought a series of portable drives with hardware encryption, to be more at ease next time they get stolen. The diskG* beats them all by lengths in terms of usability. It’s actually smaller than most of the other drives with encryption, it comes with an integrated USB cable and the keypad is great. It’s a simple plug&play drive, exactly like any unencrypted portable drive should be. The only difference is that you’ll have to type in a password on the keypad before the drive is automatically mounted. None of the other encrypted drives I’ve tried keeps that simple Plug&Play use: Although they state they have hardware encryption, those drives mostly mount a normal partition + a virtual CD drive with an encryption software. You first need to wait for both drives to be accessible and then launch the encryption software (which, in some cases, also needs to be configured at first use), wait until it loads and then enter your password. The virtual drive stays there and cannot be removed. The encryption software requiring low-level system access, there have also been a few clashes with my antivirus software (resulting in corrupted files). Fiddly ..and sometimes very lengthy until you finally have access to your data. Not so with the diskG*. It’s a simple and fast operation and there is barely a delay, compared to non-encrypted Plug&Play drives. Transfer rates are comparable to unencrypted USB 2 drives, although probably very slightly slower for smaller copy jobs. Speed tends to even out over bigger jobs of tens of Gbs. Security wise, I have to rely on expert opinions. But from what I’ve read, it seems the diskG* is also safer than most other drives. Although the same encryption standard is used by most manufacturers, its architecture makes it more tamper-proof in case someone extracts the drive from the casing and also because it doesn’t install software on your PC, a potential entry point for hackers. A very happy customer. Despite the fact that the diskG* is more expensive than the other models, I have since bought a second unit. If I had to ask for one improvement, it would be the addition of a USB 3 port for faster transfer.
This is a 5*+ award (out of a possible 5) – it is just brilliant idea. Lovely rugged rubber around it feels quality. Keypad and access very easy and works perfectly. Absolutely lovely to know that ones backup data is protected. A truly brilliant Product. I have struggled with encryption for years, software encryption is a real pain. This keyboard device is just brilliantly simple yet so secure. A must for those wishing to keep their data safe on a mobile basis.
Nothing more to say, except that, apart from being brilliant, it is much smaller and far more portable than I realised.
It’s not often one waxes lyrical about something as mundane as a portable drive but this unit is rather special. Firstly, the build quality seems very high – it can take a drop onto a hard surface of a couple of metres (I found this out the hard way!); the rubberized body makes secure handling easy; and the keypad is positive in use and nicely recessed. And of course, you can now buy these drives in Solid State so they should be even more robust in the event of being dropped. The drive comes with a double USB (Y-split) cable in case using a netbook or similar device, not enough power is available from a single USB port but I’ve never needed to use the second connector with a PC, laptop or netbook. Encryption is a breeze – you’re not even aware of it happening. My drive connects via USB2 and transfer speeds are more than adequate – I opted for the higher (256bit) level of encryption so I can’t comment on whether the 128bit version delivers a higher transfer rate. Setting up your pass-key takes less than 2 minutes (less than 1 minute unless you’re a fumbler like me) and then you are ready to encrypt your files and folders. Of course, whatever you do, never forget your pass-key as recovery of data is not possible – your data are even secure against Brute Force Attack. For anyone working in sensitive areas who needs to transport digital documents, these British-designed and manufactured drives are a must. If those chaps from MI5, MI6, the MOD or the National Health Service leave their sensitive files on yet another train, provided they’re written onto one of these drives and 256bit encrypted, I for one will sleep well in my bed. Superb design, top build quality, excellent on-the-fly encryption – and now available in SSD format and larger volumes, it’s a winner!
Arif Ahmed, IT Security Officer, Aston University
The datAshur device has been evaluated by myself and has proved to be an excellent alternative to some of our current methods of encryption. It is very user friendly and therefore easy to use and this has been the main focus for our staff at the University. We currently have a number of projects at the University involving research data related to the NHS, and a requirement from the NHS contract is that the data is kept secure at all times (including whilst in transit). Previously we were using another encryption solution which was not very user friendly and staff had to be trained on how to encrypt the data. After evaluating the iStorage Product, I recommended that we purchase and use the diskashur DT instead (I believe you have received an order for one of those devices a few weeks ago). I also aim to make this our standard recommendation for deployment of data whilst in transit and specifically when required to protect sensitive data. I am currently using the iStorage datAshur flash drive for demonstration purposes to various departments / project managers, when they are looking for an easy to use encryption solution for a project. I Have found it very useful to show staff members a ‘hands on’ approach as to its ease of use.
Andrew Perkins, IT Governance Manager, Control Risks, a global risk consultancy
We were looking for a simpler way to secure documents being worked on by our affiliates, who might not have secure encrypted laptops. The datAshur encryption met our requirements perfectly, as it can work in any USB port, be it Windows PC, Apple Mac, or even Linux. No software needs loading, so we can also send a datAshur to even our large clients who have locked-down PCs. Communicating the password via a separate route means that we can be sure that our clients’ information won’t fall into the wrong hands. We tested the datAshur’s security and, not surprisingly, our experts couldn’t crack it. At present it’s the only device of its kind on our approved list.
“As part of the on-going digitisation of Radiology Services here at Wrightington, Wigan and Leigh NHS Foundation Trust (WWL), we have, in conjunction with Philips Healthcare, chosen to use iStorage diskAshur with 256 bit encryption as part of an enterprise secure solution to meet the needs of our Breast Screening Services to the patients of WWL. From a security standpoint, the devices are government approved and meet the NHS current requirements of 256 bit encryption of data for transport and from an operational aspect PROvide a very effective way of securely transporting patient data. The disks themselves are also very easy to use by our breast screening staff, once the security pin code has been input. They are rugged and designed in a manner which prevents damage.,br/> As with many breast screening services of NHS Trusts, WWL provides screening in the wider community, for example you may have seen breast screening vans on supermarket car parks or at community or educational establishments to facilitate ease of access for patients. We use the secure diskAshur devices to store patient images from computerised radiography equipment on-board the screening vans, after which the disks are transported back into the hospital for uploading and processing on our computerised radiology systems for diagnosis. The diskAshur devices both protect the patient’s sensitive data as well as WWL’s reputation as a leader of delivering secure effective digitized clinical services to the patients of Wrightington, Wigan and Leigh NHS Foundation Trust”.