Being a self-confessed gadget freak, I’ve collected a large number of USB flash drives over the past few years and like most people, I use them for many purposes; storing pictures, documents, presentations, applications… you name it, it’ll be saved to one of my flash drives.
They are of course extremely handy, everyone knows that. No bigger than a packet of gum, relatively cheap, nearly all are able to fit in your pocket or gear bag and with some manufacturers offering devices that can hold up to 256Gb of data, who doesn’t own one?! However, have you ever thought about how secure this data is if you accidentally misplaced your flash drive? I’ll be honest and say I have actually thought about it, but failed to look into it properly….. until now.
Back in 2009 I read about IronKey, who looked at the security of flash drives and then took it to a whole new level. The security offered is simply unparalleled compared to other USB flash drives that offer security to protect data. To be honest, the security each key provides maybe a little over the top for the average user and is probably more suited to people who need to carry important data linked to government systems, corporate information or secret military files.
However, if you value your data, whatever it might be, then an IronKey is the flash drive for you.
For the purpose of the review I was sent the 1GB S200 IronKey Personal. This particular version is the mid-range flash drive, sitting between the IronKey Basic and the more beefed up IronKey Enterprise. The level of security remains the same across the whole range.
- Capacity: 1GB, 2GB, 4GB, 8GB or 16GB (32Gb offered only in the D200 range)
- Speed: Up to 27MB/s read & Up to 24MB/s write
- Memory: Dual-channel SLC Flash
- Dimensions: 75mm X 19mm X 9mm
- Weight: 25g
- Waterproof: To military standard (MIL-STD-810F)
- Temperature: 0° C to +70° C
- Operating Shock: 16G RMS
- Hardware: USB 2.0 high speed
- Operating Systems: Windows 7, Vista, XP SP2+, 2000 SP4, Mac OS X 10.4+ & Linux 2.6+
- Data: AES Cipher-Block Chained mode
- Encryption Keys: 256-bit Hardware DRNG
- PKI: 2048-bit RSA
- Hashing: 256-bit SHA
- FIPS Validations: 140-2 Level 3
As you can see from the specifications, this tamper proof, waterproof, crushproof, military grade flash drive isn’t just any ordinary flash drive! So, lets take a closer look.
What’s in the box?
The IronKey arrived in a rather stylish black box, compared to most flash drives that are packed in plastic cases that are generally too big for them. Inside the box you get your IronKey, an easy to read instruction booklet and a small lanyard so you can attach your IronKey to your keychain.
- Build Quality
The first thing you’ll notice about the IronKey is just how tough it is. Even just holding it, you can tell its solid metal casing means business. The military grade material which contains iron and alloy, amongst other things, is then filled with a hardened epoxy compound, literally encasing the chips and processors inside. There is a small but bright multi-colour LED, showing data access, and, as mentioned it’s fully waterproof, again to military standards (MIL-STD-810F).
IronKey also claim to have tested how robust it is by attempting to crush it with a car! They failed and the Ironkey stood up to the test. So, we know it’s built well, but what about the security side of things?
IronKey have spent millions of dollars on the research and development of their flash drives and claim to have the only flash drive which has passed the level 3 FIPS (Federal Information Processing Standard) 140-2. This means that the IronKey has the highest level of security placed into a flash drive…. ever. The level three tests that were carried out included looking at how robust the flash drive was and also how data is secured once it’s stored in the memory. The on-board ‘Cryptochip’, which is basically a mini processor, provides AES 256-bit hardware-based encryption to anything saved to the keys memory. So, when it’s inserted into a computer, if the user is unable to provide the correct password that was used in the setup process, they cannot access the data. Simple.
Be careful here though, as if you input the incorrect password 10 times, the key will ‘self destruct’ (not literally explode however!) and destroy all the data held in its memory. The self destruct sequence will also occur if the key detects a physical attack IronKey advise should this occur then the key itself is then fully disabled and cannot be used again. I took the option to save my chosen password during the setup process at the IronKey Password Website, which allows you to retrieve your password should you ever forget it.
When you first plug the IronKey into your PC you’re prompted with a setup screen to intialise your key. Without doing this your key is pretty much useless to be honest, as it appears only as a read-only drive in Windows. During setup you’re asked to provide a nickname for your key and then a password, which you can store at the secure data-center, just in case you forget it! And, unlike some passwords for systems, the IronKey allows numbers, letters, special characters and spaces!
Don’t worry though, not even IronKey personnel can access this information. And, as the key contains all the software it needs, nothing is installed locally to your computer during the setup process.
Once setup is complete you can then create an IronKey account by registering the keys serial number (As each key is completely unique) to the database held by IronKey. This only takes a few seconds to finalise, then your key is ready for use. Thereafter, each time you plug the key into your computer, you’ll be prompted to unlock it with the password you registered before you can use it.
At the unlock screen, you can actively choose to view any files stored on the key, unlock the key in read-only mode, login to your on-line IronKey account, or open the IronKey Control Panel.
The control panel is the hub of information for the IronKey and allows you to perform various functions, such as browse the data saved on the key, perform a secure backup of the keys data to a location on your PC or add any personal data such as owner information. The control panel application itself is very easy to use.
Once in use, the key operates very efficiently and quickly. I transferred data to the key (Which took around 30 seconds for a 500Mb batch of jpegs) and used the secure backup feature to create a backup file. I can use this encrypted data file and restore it to a new key, should my current one be lost or stolen.
Once you’re finished using the key, you lock it using the ‘Lock Drive’ button on the control panel, or by pressing CTRL+L on your keyboard (‘Lock & Quit’ on a Mac). The software shuts down and the key can be safely removed.
- Secure Web Browsing
IronKey have even gone one step further with the key, as it also allows you to browse the web using its built-in FireFox browser. This can be used by simply clicking the Mozilla Firefox icon in the control panel. The browser opens a secure internet connection and connects to the web using the IronKey Secure Session Service. The service uses high performance ‘Tor’ (The Onion Router) servers to enable a fast and secure browsing experience. This prevents hackers from obtaining your IP address or any useful information, such as banking details or information relating to your PayPal or EBay accounts. Basically, you can browse the internet securely and anonymously on any PC and unplug the IronKey, safe in the knowledge there is no trace of your web browsing stored anywhere for other people to see.
- Identity Manager
When you use either IE or Firefox (or even another browser) with the key plugged into your system and you enter a website that requires personal details to be entered, i.e. username/password, you can store these automatically using the IronKey’s Identity Manager, which helps prevent key loggers from accessing your passwords. The Identity Manager can also be accessed using the new keyhole icon, which will show in your browsers toolbar when you have your IronKey running. Simply click the icon for a drop down menu of functions available to you.
And, as well as these features, the IronKey also offers a Virtual Keyboard (Windows only) which appears on screen, to further prevent against key loggers and even screen loggers as keys on the virtual keyboard can be randomized after each use. And, it even has its own Password Generator to help you generate long and complex passwords with relative ease.
Currently, IronKey only ships to the United States. However if you don’t reside here you can find an international reseller by clicking here.
In conclusion, you can see that this is much more than just a straight forward USB flash drive, as it goes beyond this and offers features that are not matched to any other USB flash drive on the market. Ok, so maybe it’s a bit over the top for the average user, but if you value your data and the level of security on offer here and can benefit from using the vast array of features, then the IronKey is definitely the flash drive for you.
However, with all this research and development into creating this ultimate flash drive comes great cost to the end user and the IronKey does not come cheap. With the 1Gb S200 key starting at $79.00 with the top end 32Gb D200 key priced at $299.00 you really have to ask yourself, are you prepared to spend that extra money for the peace of mind it can offer??