The recent loss of 25 million child benefit records by Her Majesty’s Revenue & Customs highlights the need to be extremely cautious when transporting data.
Safeboot, now a part of McAfee, has a way of tackling the problem, with a family of secure USB storage devices that feature strong data encryption and integrated access controls to protect the data they contain.
We tested three, starting with the Safeboot for USB Standard, which employs simple passwords to manage access. Multiple users can be defined, each with their own AES-encrypted partition, accessible only when the correct password is supplied.
The range also includes the Safeboot for USB Phantom (from £100 ex Vat for a 1GB device), which features a built-in fingerprint scanner, providing two- factor authentication. And lastly there’s the Safeboot for USB Midentity (from £141 ex Vat for 1GB), which is slightly different in that it uses a smartcard and Pin number to store encrypted user credentials and can also be used for remote VPN authentication.
All three look much like ordinary USB flash memory sticks and can, indeed, be plugged into any PC with a USB 1.1/2 interface to provide up to 4GB of removable storage. Do that, however, and you’ll be able to see very little.
A public and/or read-only partition may be available, depending on how they’ve been configured, but that’s all. Any other, protected data is hidden and only accessible once the necessary credentials have been verified, which is done by the device itself.
Some software is also required. There’s a management utility to configure user accounts and their associated storage partitions, and a client application to make the data accessible once the appropriate credentials have been authenticated. The same software is used by both the Standard and Phantom models, though we we found it a little on the simplistic side. However, it worked well enough and, apart from a few teething problems (caused by a general lack of documentation), we encountered no real problems.
Separate tools are required to manage and use the Midentity devices. These were clearly from a different developer, had a completely different interface and were much harder to get to grips with.
Of the three, the Safeboot for USB Standard proved the quickest to configure and was the easiest to use, requiring no more than a password to open up each protected storage area. To configure the Phantom, users needed to register their fingerprints and we found the built-in scanner awkward to use.
To set up the Midentity device, we first had to fit the smartcard (the same size as a mobile Sim card) inside. That done we then had to install the software and set up our Pin code and digital certificate.
Once the devices had been configured they could all be used just like an ordinary flash memory stick, at the same time offering high levels of security and encryption that would be difficult to crack should they get lost or stolen. You’d also need to know that they contained secure data in the first place, and there are few clues on the outside and nothing to see if you put them in a PC without the associated client installed.
In the end, whether you think these devices are worth the cost and effort involved will depend on how highly you value your data.
reader comments