March 2019 AST Magazine March 2019 AST Magazine | Page 30

No
software vulnerability eliminates the these are not secure
solutions
that meet
www.AmericanSecurityToday.com
March
2019 - Edition
33
possibility of brute-force, sniffing, and the requirements of government data
memory hash attacks.
protection.
Protect Against BadUSB
Encrypted drives
have
digitally
signed firmware
that cannot be al-
tered as well as a
physical layer of
protection (this is
usually known as
protection against
BadUSB).
The top-of-the-line hardware-based
encrypted USB drives, such as the
Kingston IronKey solutions, use
AES 256-bit encryption in XTS mode
and are FIPS 140-2 Level 3 certified .
This helps safeguard that anyone who
finds such a drive - cannot access
the information.
They also provide brute-force protec-
tion as the drive wipes itself clean
after 10 attempts of incorrect pass-
Some of these drives not only come word guessing.
epoxy-dipped, but are epoxy-filled So, while the drive and its contents are
so the casing adds an additional lay- lost, there can be peace of mind that
er of physical security to prevent ac- no one else will have the information.
cess to the physical memory.
In contrast, a USB drive with soft-
ware-based encryption uses software
that runs on the host computer and is
vulnerable to attacks, and typically
does not include the physical layer
of security.
A hardware-centric/software-free en-
cryption approach to data security is
the best defense against data loss, as it
eliminates the most commonly used at-
tack routes.
This same software-free method also pro-
vides comprehensive compatibility with
Some manufacturers offer free software most OS or embedded equipment pos-
for encryption but as mentioned earlier, sessing a USB port.
28