BEST PRACTICES: Resurgence of encrypted thumb drives shows value of offline backups — in the field

Encrypted flash drives, essentially secure storage on a stick, are a proven technology that has been readily available for at least 15 years. A few years back, it seemed like they would fade into obsolescence, swept aside by the wave of streaming services and cloud storage.


And yet today there is a resurgence in demand for encrypted flash drives. What’s happened is this: Digital transformation has raced forward promoting high-velocity software innovation, with only a nod to security. This trend has opened up vast new tiers of attack vectors – and threat actors are taking full advantage.

Security-conscious companies – the ones who are proactively responding, not just to threat actors having a field day, but also to the specter of paying steep fines for violating today’s stricter data privacy regulations – are paying much closer attention to sensitive data circulating out in the field, as well they should.

Highly secure portable drives make perfect sense in numerous work scenarios; encrypted flash drives, specifically, are part of a global hardware encryption market on track to climb to $296.4 billion by 2020, up 55% as compared to 2015, according to Allied Market Research.

Fateful elevator pitch

One of the vendors I always enjoy speaking with in this space is DataLocker. Co-founder Jay Kim was running a family steel fabrication business when he took a trip to South Korea in the fall of 2007. He was meeting a friend, who introduced him to another friend — in an elevator, no less.

Turns out that friend of a friend had an invention that tickled Kim’s entrepreneurial instincts. Knowing nothing about cybersecurity at the time, Kim became persuaded that the inventor was on to something. So he wound down his other business pursuits and within a few months pushed ahead with the bootstrapped launch of DataLocker.

Today the company operates out of spacious quarters, with room to grow, in Overland Park, Kansas; it has 50 employees and continues to innovate to meet what has turned out to be an enduring demand for secure portable storage devices. DataLocker supplies platform-independent devices that tie into a central management console. This gives the user the ability to inventory and audit portable storage devices being used out in the field.

I met with Kim at BlackHat 2019 and had a wide-ranging discussion with him. For a full drill down, give a listen to the accompanying podcast. Here are excerpts edited for clarity and length:

LW: Why are secure thumb drives still in demand?

Kim: Because of the active threats we’re seeing today there has been kind of a moving back towards hardware-based, cold storage, basically offline storage. So we’re finding a lot of organizations now are reincorporating encrypted storage devices into their arsenal of data security tools.

LW: Threats are still out there, essentially.

Kim: Yes, companies want assurance that they have an offline backup, yet they also want to be able to monitor what people are doing with those backups, as well. For instance, with ransomware, one of the best protections is to have a physical offline backup. So we’re finding a lot of companies going old school and choosing not to put data onto their server, but put it onto actual secure devices, and keeping those offline.

LW: What other kinds of usage patterns are becoming common?

Kim: We’ve seen a complete evolution in use cases. When we started off, the primary use case for encrypted hard drives and flash drives was for transport and for backup, as well. Now we’re finding more companies using them for primary storage, basically having data that’s hardware encrypted that they use on a daily basis.

And then there’s mobility, because despite the increases in network speeds and wireless speeds, the transfer rates for the volumes of data that are being transferred and stored these days make it really impractical to use cloud storage. In many cases you’re talking about multiple terabytes of data that need to be transferred from point A to point B.

A lot of organizations find that one of the easiest things to do is to put it on secured hardware, drop in FedEx, and send it off to their lab or wherever it may be. And then when it’s received, grant them the authorization to access the device.

LW: Sort of like an evidence chain?

Kim: Yes, a chain of custody. That’s one of the main use cases. With our management service, you can track where and when each device is accessed, who accessed it and what data was put onto it. And at the end of the day, if you want to, you can even remotely wipe the device.

LW: Even in our paperless society, actual documents are still important.

Kim: It’s forensics evidence. A lot of companies will actually take a snapshot, an image, put it on one of our devices and just put it in a safe, literally a physical safe, and use that as evidence. Because with our tracking capability, we can ensure that the data that’s stored on the device hasn’t been touched since it was put into storage. So they have that whole chain of custody in place for that image; and in today’s regulatory world, that’s very important.

LW: Right, with Europe’s GDPR and states like New York and California imposing penalties for violating data privacy rules, that’s gotten people’s attention.

Kim: What we’re finding is the biggest need for many end users is not really the encryption itself, but to be able to prove that their data has been encrypted. We give them that ability to create that audit trail to prove that, ‘Hey, this device was fully encrypted to meet the regulatory standards.’ Basically it’s evidence for the organization in case of anything that happens down the road.

LW: What’s new with DataLocker?

Kim: So we started off with encrypted storage devices and we’ve evolved. We’ve just launched a data loss prevention product, called PortBlocker, which locks down USB ports. Our little twist is you can lock down your ports, but you also have the ability to audit those ports and see what’s going on, with a really crystal clear view of USB storage device usage within your organization.

We’ve also re-launched a really cool product called SafeCrypt. We’ve created a virtual drive, which functions the exact same way as our encrypted hardware devices. It lets you choose where you want to store your data in encrypted form. It can be in a service like Dropbox or Google Drive or it could even be a local folder or local drive. It creates a drive letter on your desktop where you authenticate, then read or write to that drive letter, and that’s it. As soon as it hits that drive letter, it’s encrypted.

LW: Do you still imagine there’s going to be ongoing demand for portable hardware devices, going forward?

Kim: We do not foresee secure hardware storage devices going away anytime soon. There are billions and billions of USB storage devices out there and the proportion of hardware storage devices that are encrypted keeps increasing.


Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.


*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: