May 26, 2012, 7:30 AM — If you're physically transporting data you don't want other people to see, you should be doing it on secure media. And what better than something that hides easily within a pocket? Secure flash drives that are only about the size of a small cigarette lighter feature robust hardware security to make them super secure. You'll pay a premium for the integrated security, but you can't put a price on the peace of mind you get by knowing that your data is locked down.
To get the skinny on the state-of-the-art in secure flash drives, we took five hardware-encrypted drives for test spins. The results? As far as security is concerned, it's all systems go. Three of the units--the Kingston DataTraveler 4000 Managed, the Kanguru Defender 2000, and the CMS CE-Secure Vault FIPS--are certified to Level 2 of the government's FIPS 140-2 security standard. The Imation Defender F200 ratchets that up to Level 3. The Apricorn Aegis Secure Key is being processed for Level 3 certification, though it is not yet certified.
[ FREE DOWNLOAD: The law of unintended storage consequences ]
Those last two drives add a bit of panache and intrigue to what otherwise appear outwardly to be garden-variety flash drives. Imation's Defender F200 has an integrated fingerprint scanner, while Apricorn's Aegis Secure Key has a PIN-entry keypad.
The Defender F200 and the Aegis Secure Key share an advantage beyond their hint of spy drama--they're operating-system and device agnostic. The other three drives in our roundup use client software interfaces to manage access to their data. This limits their use to Windows, OS X, and, in the case of the Kanguru Defender 2000, Linux. After you unlock the Defender F200 or the Aegis Secure Key with their hardware mechanisms, you can use them just as you would a normal USB flash drive. That means TVs, digital media adapters, printers, tablets, and laptops are all fair game.
Not in the Fast Lane
Unfortunately, current secure flash drive performance doesn't match security, largely because they're mired in the USB 2.0 past. In fact, none of the manufacturers reviewed here expect to release a USB 3.0 model until at least late this year. The fastest drive in this roundup tested nearly four times slower than two nonsecure USB 3.0 flash drives we included for comparison. Performance isn't the main reason you buy a secure flash drive, but you might want to stick with cheaper, smaller-capacity models until the faster technology shows up. (And pray you never have to get out of Dodge in a hurry.)
The Secure Advantage...
All the drives in this roundup use the 256-bit AES hardware encryption required to achieve FIPS 140-2 Level 2 certification. Though you can certainly secure your data with a normal USB flash drive and encryption software such as the free TrueCrypt or EncryptStick, a chip is harder to hack, and to reach it means actually tampering with the drive, which is easy to detect.
FIPS 140-2 (Federal Information Processing Standard, Publication 140-2), referred to above, is the government’s take on methods for securing data. It’s not a technology, but rather a definition of what security mechanisms should do. There are four FIPS 140-2 levels. Level 1 involves using an approved encryption algorithm (such as AES 256). With Level 2, the encryption is supplemented by a means to reveal tampering. Level 3 adds protection for the encrypting mechanisms and algorithms themselves. And with Level 4, you add physically daunting packaging and fry the data and decrypting mechanisms if a breach occurs.