New-Encrypted-SSD
Cybersecurity

 Kingston’s New Encrypted SSD Unlocks Via Touch Screen

Short on time? Listen instead.

Kingston Technology, a company founded in 1987 in California, has begun selling a new secured external solid-state drive called the “IronKey Vault Privacy 80.” The device uses an external enclosure that includes a built-in touchscreen unlock feature, and they claim the drive is Federal Information Processing Standards (FIPS) 197 certified. 

What Happened

While there are many ways to secure your data on external devices, many are operating system (OS) dependent or require a software download, installation, and configuration. With the Kingston IronKey, these issues are no longer of concern as the manufacturer has engineered them right into the hardware itself, making it independent of the OS (as long as it is capable of using USB-connected storage devices).

However, the fact that it is all onboard is one of many pluses of this device. It also includes numerous other security features and ease-of-use items, making it an excellent option for those who want mobile storage capabilities.

Let’s take a look at some of those security features and how they might be of benefit to your organization.

Security Features

For more details from Kingston:  Datasheet

Protecting an external hard drive can be a burden, considering its portability and size. It is quite simple to disconnect the drive and plop it into a purse, pocket, or briefcase, and no one would be the wiser unless there is a physical check of those locations at exit points. However, the Kingston IronKey Vault has some beneficial features to protect you from data loss.

To start, you can set up an administrator access password, which allows you to protect the drive from misuse, or, if stolen, make it much harder to access any data resident on the industry. Once you have set the administrator up, you can continue adding a user access account separate from that of the administrator, giving you another level of security control over the device. 

Kingston uses an onboard touch-screen for access control, allowing users to access the drive with either a numeric keypad or an alphabet-based password. The password criteria for length can be set at a minimum of between six and sixty-four characters, with any number of letters, numbers, or spaces.

The administrator can also set password criteria to restrict the number of password attempts and how the device reacts if the maximum number of attempts is exceeded during a specified period. This type of protection can be helpful when dealing with a brute force attack against the passwords of the administrator or user, as well as other methods of bypassing these types of security measures.

The drive also can connect to various types of USB ports, including USB C and USB 3.2 cables, with backward compatibility with USB 3.0 ports. It is also compatible with Windows, Linux, Mac, and Chrome operating systems, claiming that any system that supports USB mass storage devices will also be supported.

As for device encryption, IronKey is certified to the Federal Information Processing Standards (FIPS) 197 XEX Tweakable Block Cyphertext Stealing Advanced Encryption Standard (XTS-AES) at the 256-bit level, which is a pretty decent level of hardware encryption for data at rest. By using two separate AES keys, one for the tweak value and the other for the block encryption, the security level is greatly improved overall and much harder to crack.

Beyond these up-front features, some are internal to the device, such as the auto-timeout and Secure-erase features. 

  • Auto-timeout can be adjusted to lock the drive when it isn’t in direct use for a specified period, lowering the likelihood of a breach by theft during an unlocked period. 
  • Secure erase is when it is necessary to destroy or replace a drive containing sensitive data. By removing the encryption key on the device, the data resident becomes unretrievable using any modern-day methods. 

Your drive can also be write-protected by the administrator and then again by the user, which provides an even greater level of security by helping to ensure that there is no loss due to unintentional or intentional overwriting of essential data.

Finally, having an administrative management system onboard that protects the organization from potential user misuse is of immense importance as well. Security at the organizational level should always be administered and may even be required by regulations and laws about what your organization does. For instance, medical providers must follow the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act.

Each of the above features can have a direct impact on your organization’s data security and the continued value that data provides to it. 

How will this Affect You?

Investing in a reasonably inexpensive storage solution is still an outlay of money that needs to be backed by solid reasoning and need. With security features onboard and internal, the Kingston IronKey Vault Privacy 80 may provide a reasonable option for mobile organizations or have data that needs to be moved from location to location physically. It is also an alternative to other methods of storage that are bulkier or less mobile in situations where there is a need for a smaller form factor that can move from one location to another with little or no fuss.

A medical provider using a mobile outlet, or a technology adviser with corporate data of a sensitive nature, could find this type of drive to be an invaluable means to securing data while traveling. Being able to store your data in an encrypted form is worth a lot to those who gather and use such data daily.

Mobility aside, the administrative control of any organizational storage devices is an absolute must to provide policy and legal protections, which can also save your organization during an audit or (let’s hope not) forensic investigation.  

Finally, it is also essential to erase a drive like this and either reuse or decommission it from your inventory. In cybersecurity, this is the end of life for any technology device that has been used to  store or process data.

What should you do

Check out any new technology solutions before purchasing and ensure they have the capabilities you are looking for or need. Capacity, security, usability, repair or replacement costs and other considerations are part of a purchase-and-use plan. It also may save you the hassle of spending money and time bringing in that new technology only to find out that it isn’t what you need or won’t work for its intended use.

Northstarr Recommendations 

With IT knowledge and expertise that spans decades, Northstarr System Solutions is uniquely positioned to offer you and your organization the knowledge to back your research into technology solutions that are needed to move your business forward into the future.

To find out more about how we can help, visit our website or call (888) 767-2210 to set up an appointment.  We look forward to meeting with you!