“This tape will self-destruct in five seconds!” – Mission Impossible.
Growing up in the 1960’s, I though that was just the coolest phrase – and the underlying technology, of course. As a way of keeping confidential information out of the hands of the bad guys, what could be better than that? BOOOM!
Today, safeguarding confidential information is far more complex – and there are many more “bad guys”. Information, in a very real sense, is currency – and the need to protect it is every bit as real as if it were hard currency.
Unfortunately, protecting critical data in an age of extreme data portability (USB sticks, portable Hard Drives, memory cards …. ) against theft, or loss, is exasperated by the very nature of portable technology.
How hard is it to lose a USB key through theft or misadventure – easy (personally, I’ve lost two over the years).
How hard is it to lose a portable Hard Drive through theft or misadventure – easy.
How hard is it to lose a memory card through theft or misadventure – easy.
How hard is it recover any one of the storages devices mentioned? Hard. Hard. Hard.
While it’s true, that both password and encryption applications, offer some protection against unauthorized access should a portable storage device vanish, neither provides absolute protection. Both password cracking, and decrypting applications (and the computing resources necessary), are readily available to those with less than honorable intentions.
What’s needed then, is a technology that not only offers password protection and file encryption, but the ability to remotely destroy data on a non-recoverable device – if it becomes necessary.
I suspect that the Ministry of Defense in the UK, would have been delighted with this type of technology had it been available when, in 2008, fifty eight Ministry of Defense unencrypted drives – which contained details of troop movements, locations, and travel accommodation, were “lost”.
Certainly, portable media device theft, or loss, is not restricted to organizations; it can just as easily happen at an individual level. For example, in the U.K., in 2008, – 9,000 USB drives were found by dry cleaners in various articles of clothing. It’s safe to say, that data loss and data leakages related to lost or stolen computer portable devices, are now commonplace.
Luckily, Conseal Security has just released a security safety system that not only includes strong AES encryption, it allows protected devices to be remotely self-destructed, if they are lost or stolen. Moreover, as part of the package the ability to lock devices to specific networks, domains or specific computers, is included. A bonus feature includes a capacity to review all access attempts on a device.
Application setup, including creating an account which provides access to all of the programs features, is straightforward.
The initial account password will be emailed to you. The temporary account password in the screen capture shown below, has been changed.
Once logged in, you can proceed to manage the portable device attached to your machine.
In the following screen shot, you’ll notice I have logged in and entered a name for the attached device.
The USB drive I used for this test was quite small (512 MB), so the encryption and registration took less than two minutes.
As per the message box, no files were accessible on Drive F: (the original drive designation) – instead the files were on Drive G: (the newly concealed drive).
Following encryption of the drive’s contents you will have a number of options to choose from, including -
You can set up rules to control where and when this device can be unlocked.
You can set up alerts to email you when this device is used.
You can securely delete the contents of this device if it has been lost or stolen. It will become a blank disk.
Unlocking the portable device is an uncomplicated process – as shown in the following screen captures.
A taskbar popup will notify you on successful completion of the “unlock” process, as illustrated in this screen capture.
Remote self destruct – If your Consealed device is lost or stolen, you can remotely destroy the data it contains. Press a button on a website and the contents of your device will be securely wiped when next inserted.
Who’s accessed your data? – View a log of who attempts to unlocks your Consealed device, including who they are and what computer they used. The log shows all access attempts and contains sufficient information for law enforcement officials to uniquely identify the computer used.
Define who can access your data – Specify the computers or network domains which can unlock your Consealed device. Also specify what times of the day it can be unlocked. Rules can be changed even when the device is out of your hands.
Safe from password guessing attempts – Even fairly complex passwords can be guessed on average within 16 minutes. Conseal’s “Dual Locks” system completely secures your protected data against password guessing attempts. Consealed devices can only be unlocked with permission from a central server.
Warnings of attempted break-ins – Receive email warnings when someone tries to unlock your Consealed device, directly and uniquely identifying the user, where they are, and what computer they used.
Strong encryption – Your data is stored using super-strength 256-bit AES encryption (approved by governments to protect ‘Top Secret’ information).
Takeaway: A very impressive and elegant solution to a potentially disastrous occurrence at a cost that’s appropriate.
Conseal USB Licenses:
Home User – 1 year’s protection. Non-commercial use only. Up to 5 devices £19.95.
Corporate User – 10 devices £140 (for 1 year). 100 devices £99/month. 1000 devices £830/month. 10,000 devices £5950/month.
Conseal Security offers a full no-quibble 14 day money-back guarantee from date of purchase.
System requirements: Windows XP and above.
Devices: You can Conseal literally any USB storage device. This includes memory sticks, USB pen drives, external hard disks, SD / MMC / xD / CompactFlash cards. It also includes all Firewire, eSATA and USB3 devices. Conseal is completely device and manufacturer independent.
Further details, and a 15 day Trial download are available at the developer’s site – Conseal Security.
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.