28/08/2014

iStorage DatAshur Personal

iStorage have been making secure storage for a while, but mainly business devices. These tend to be made out of metal and have been relatively expensive. Now iStorage have come out with a "personal" version. It's made of plastic (the review unit was blue) and are significantly more cost-effective.

The DatAshur Personal comes in 3 versions 8GB, 16GB and 32GB. Each uses the AES-256 encryption standard to encrypt any data stored on the drive (well USB fob). They're not small at 83mm x 17.4mm x 8.6mm (including the end cap), but there's a 10 digit numeric keypad on the device (and a "lock" hey too). There's also two LEDs at the top of the device and a blue one under the lock key

The devices come with a default user PIN of 11223344 which is a special factory setting as it's not possible to set a normal PIN that has repeating or consecutive numbers. PINs must be between 7 and 15 digits long. Each key also has a standard 'phone' letter scheme so alphanumeric passwords can be emulated (so DATASHUR would be 32827487 - though the writing on the keys is quite small, it's probably easier to do the letter to numeric conversion on a phone).

The device actually can store two PINs, an ADMIN PIN and a USER PIN, by default only the USER PIN is enabled. This is actually a very useful feature for companies as the IT department can configure the ADMIN password (which the end-user has no knowledge of) and then issue it to an employee who sets their own USER PIN. If the employee then leaves, the device can be issued to a new employee with a new USER PIN. Obviously the ADMIN user can also see any data on the drive, which also means a USER shouldn't store any data they don't want their IT department to see on the drive too. An ADMIN user can also put the drive into read-only mode, so data can be read, but the drive can't be written to, useful for distributing company confidential information.

Though PINs can NEVER be retrieved from the DatAshur, an ADMIN user can reset a USER PIN (however not the other way around).

Once a correct PIN has been entered, the device will unlock and must be plugged into a USB port within 30 seconds or it will lock again. Once plugged in, it appears as a normal USB memory device.

That's where the security comes in, if a PIN is entered incorrectly 10 times, then the DatAshur will wipe the encryption keys which renders all data on the drive unreadable. This is also true for the file allocation table (or FAT). When in this mode a new PIN will have to be set-up, the drive connected to a USB port and then reformatted (in whichever mode is suitable for the operating system, could be FAT, FAT32 or NTFS) in order to be usable as a drive again.

The 8GB drive is available for @29.00, the 16GB drive costs £39.00 and the 32GB drives is £59.00 - though considerably more expensive (and a larger form factor) than competing USB drives, it should give the user (or IT department) peace of mind that if the drive is lost, the data is pretty secure (guessing a 15 digit password is likely to take more than 10 attempts). It can also be effective for allocating to users and then the IT department can also check what data the user is taking off-site. Suddenly the price doesn't seem so expensive.

Post a Comment