Jump to content

USB Drive Encryption

danrhodes

By danrhodes
in Windows

 Share

Recommended Posts

enjay

enjay

Posted
Posted

I looked at Rohos last week as part of an evaluation of different encryption programs, but I decided against it as it all looked a bit too complex for many people to bother with. I'm favouring TrueCrypt now, which is a bit of a faff to set up but works nicely once running (cross-platform, too).

 

Rohos has a costed version which has recovery options; not sure if every user would need it or if you could just have the one copy on your PC for recovery purposes.

goodhead

goodhead

Posted
Posted

We have looked at true crypt but found it fiddly to setup and broke on one occation and couldn't get to my backups on the stick.

 

We are now looking to issue all staff with kingston data travellers with built in hard encryption.

 

Kingston data traveller

 

 

We can also get branded all for £10 each

 

Seems much simpler solution for staff even if its cost a few quid more.

enjay

enjay

Posted
Posted
That's my thinking too, goodhead - the problem I'm having with my Kingston Locker+ is that it takes 20 seconds from plugging the USB in to having a usable drive, which isn't practical. I'm now trying to find out what is causing this slowdown...
Craigt47

Craigt47

Posted
Posted

Hi guys,

 

Have you looked at Safestick (Military Grade encrypted USB Sticks) and Safe console (Management and auditing software). Really rugged product can be dropped, stood on, left in water and set on fire and the data is still safe.

 

Safestick:• No admin right required – user plugs and play

• AES 256 and RSA 1024 military grade encryption

• Robust design – They will work if left in water, Dropped from great heights, Heavy pressure applied to the unit.

• No user knowledge required – Hardware encrypted. Plug in the sticks, set the password and the stick will encrypt “on the fly”.

• SafeStick will work with all Security solutions currently in place as a standalone unit.

 

Safe-console:• Remote kill or Disable USB sticks when lost anywhere in the world from the central management system.

• No admin Rights are required – Plug and Play (Windows, Mac’s, Linux and VMware) no software install required.

• Full audit trail - details what file types are copied to the Safe Stick. Details include files by MIME type, User ID, PC name, time and date. Will also Record what sticks are active, what sticks where lost, who has ownership of what sticks.

• Logging of User, PC name, IP address and time when Safe Stick is locked or unlocked. Can help track lost Safe Sticks!

 

If you need anymore information or an evaluation unit please contact me [email protected].

 

Thanks

powdarrmonkey

powdarrmonkey

Posted
Posted (edited)
I would seriously consider a Safestick if it worked natively with Linux kernels and you provided source (NDA if you like) so it can be audited. Not until. Edited by Domino
  • 2 weeks later...
rhr

rhr

Posted
Posted

Hi Enjay

there are no problems with using SafeSticks on Mac's. If you would like a unit to test to try please pm with your details.

Many thanks

enjay

enjay

Posted
Posted

Thanks Richard - someone else is hopefully hooking me up with an eval unit, but I'll give you a shout if there are any problems...

 

In fact, seeing your signature, it is your company who is sending it to me! (following Craig's post above).

Craigt47

Craigt47

Posted
Posted (edited)

Hello Pashers,

 

Turecrypt is a good open source encryption product for the public domain to encrypt your CV or some personal information for personal use. However, it is not considered safe for sensitive government (including schools) or corporate data. By the very definition of Truecrypt is ”Free open-source disk encryption software for Windows 7/Vista/XP, Mac OS X, and Linux". Which means that hackers have direct access to the Hash Algorithms that encode and encrypt the data, meaning they can with ease decrypt the data? Here is a thought to ponder on, if you supply users with encrypted USB sticks to use you wouldn’t expect them, to write their passwords on the sticks. So we would not recommend an open source product to encrypt your data.

 

 

Craig

Edited by Domino
removed non sponsor contact details
mavhc

mavhc

Posted
Posted

All good security products are open source, if the only protection from hackers is they don't know the encryption method because they can't afford a disassembler, then it's not worth the money it might actually cost.

 

How does a closed source program stop people writing down passwords? Does it integrate into the user's brain?

  • Thanks 1
Domino

Domino

Posted
Posted
Hello Pashers,

 

Turecrypt is a good open source encryption product for the public domain to encrypt your CV or some personal information for personal use. However, it is not considered safe for sensitive government (including schools) or corporate data. By the very definition of Truecrypt is ”Free open-source disk encryption software for Windows 7/Vista/XP, Mac OS X, and Linux". Which means that hackers have direct access to the Hash Algorithms that encode and encrypt the data, meaning they can with ease decrypt the data? Here is a thought to ponder on, if you supply users with encrypted USB sticks to use you wouldn’t expect them, to write their passwords on the sticks. So we would not recommend an open source product to encrypt your data.

 

 

Craig

 

Security through obscurity is no security at all.

 

By making your hashing methods public you have a huge testing base, so you can see how quickly these get broken, by a huge cross section of society. An encryption method is never unbreakable, but it only has to last until the data is no longer relevant.

  • Thanks 1
powdarrmonkey

powdarrmonkey

Posted
Posted
Which means that hackers have direct access to the Hash Algorithms that encode and encrypt the data, meaning they can with ease decrypt the data?

 

You don't understand what a hash algorithm is.

enjay

enjay

Posted
Posted
So we would not recommend an open source product to encrypt your data.

 

No, I'm sure that as a supplier you wouldn't advocate something which doesn't involve schools giving you money. Becta, on the other hand, DO recommend TrueCrypt, they even produced a How To guide on it.

 

One must also consider the ease of use - some encrypted USB drives are a total PITA to use or take a long time to open whereas TrueCrypt is very simple, meaning it is more likely to get used. If the encryption is too fiddly or too time-consuming to use, it won't just get used; we must find a balance between security and usability.

mavhc

mavhc

Posted
Posted
I have truecrypt auto running from the usb stick, still confuses people, half of them can't cope with it needing 2 dismounts, found many cases of people saving files in the few KB that was free on the drive after truecrypt partition was copied on
enjay

enjay

Posted
Posted

Why two dismounts? Just one to dismount TrueCrypt surely - I've never bothered with "safely removing" USB drives, and the only ill effect I've found is an error on insertion when moving between XP and Win7.

 

As for people using the tiny bit of left-over space, I'm considering only making a small amount of the drive encrypted and leaving the rest alone. My thinking was to have it so they only need the faff of encryption for the sensitive files, and can use the drive exactly as normal for the regular stuff. This might mean that people will forget though, and end up keeping sensitive files in the non-encrypted half. Thoughts?

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing


  • 8 When would you like EduGeek EDIT 2025 to be held?

    1. 1. Select a time period you can attend


      • I can make it in June\July
      • I can make it in August\Sept
      • Other time period. Please comment in the thread what works for you
      • Either time
×
×
  • Create New...