Secure Mobile Data

Secure Mobile Data

Rocco Gagliardi
by Rocco Gagliardi
time to read: 4 minutes

Everyone needs access to data, whether it is online or offline. Sometimes, there is a need to transfer data between two devices (hopefully both with encrypted storage).

Sometimes, you are an unprivileged user and cannot install software (better: you – as a security expert – always work as an unprivileged user, even on your home computer, and sometime you do not have the ability to go in privileged mode).

This is the time where the workarounds are pretty creative. In these situations, you are under pressure (you have to present something and your VGA adapter is in the office, so transfer the presentation (or, just to make sure everything will work, the whole directory) to the first computer you can attach to the projector using the first USB key you get): data exposed for a short period of time may remain as a copy on a USB key where the files were just deleted. Do you use a FIPS eraser to clean the files?

Time, urgency, pressure may lead to errors and finally to unprotected data.

In recent years, TrueCrypt has helped us to keep data secure, but still requires the user to work rigorously, requires the ability to run software on a device, expose the pass phrases to keyboard sniffing attacks and is limited to some device+OS combinations.

Protecting the Data

I have tried different solutions over the years, and – finally – last June, I spent around 160 Swiss Francs and ordered a Carbide USB Stick, a USB key with hardware encryption.

The World’s Best USB-Key, according to the vendor

Pros

Basically, if you work rigorously, it keeps data relatively secure (note that even if you leave the data on the stick, the process of the data is in the computer memory, swap etc. but your HD is encrypted!).

The device has following features:

Unlike most encrypted drives that only work with specific combination of devices+OSs, the physical PIN code entry on the side of the drive allows for universal compatibility. You can unlock the key using the keypad and stick in the USB device port in the next 30 minutes. The computer or Android devices or television recognizes it as a normal USB key.

Remove the device (physically or virtually) and the drive is locked.

In addition to the physical and security defenses of the Carbide drive, the drive is also protected from viruses by ClevX DriveSecurity™ powered by ESET. Carbide includes a full 5-year license for DriveSecurity.

Contra

I found just one problem: the speed. If you work on Word documents, then the delay is noticeable; in this case the temptation to make a temporary copy on the desktop is irresistible.

Benchmarked Speed: 10MB/s and up, comparable to other high-end FIPS-certified hardware-encrypted drives. Random read/write of small blocks comparable to non-encrypted retail drives. Your portable apps hum along just fine!

Summary

Why so serious about data security? It is very easy to lose data. And sometime you don’t know which data is lost.

If you need a secure portable storage, this is the only usable solution I know. If the key is lost, you can reasonably be secure that the data will be unreadable.

On the other side, with this device you can read data on each device reading normal USB keys.

References

About the Author

Rocco Gagliardi

Rocco Gagliardi has been working in IT since the 1980s and specialized in IT security in the 1990s. His main focus lies in security frameworks, network routing, firewalling and log management.

You need support in such a project?

Our experts will get in contact with you!

×
Enhancing Data Understanding

Enhancing Data Understanding

Rocco Gagliardi

Transition to OpenSearch

Transition to OpenSearch

Rocco Gagliardi

Graylog v5

Graylog v5

Rocco Gagliardi

auditd

auditd

Rocco Gagliardi

You want more?

Further articles available here

You need support in such a project?

Our experts will get in contact with you!

You want more?

Further articles available here