REVIEW – I’ve been into computing for many years and I’ve collected a good amount of data that has to be kept secure. When the opportunity to review the SecureDrive came along, I figured this would be a good time to implement even better security than I previously had.
What is it?
The SecureDrive KP is a hardware encrypted external portable drive. It features a physical keypad and works across and with any OS and Devices.
|Capacity:||1TB, 2TB, 5TB, 250GB SSD, 500GB SSD, 1TB SSD, 2TB SSD, 4TB SSD, 8TB SSD|
|Cryptographic Processes:||AES-XTS 256 Bit Hardware Encryption (OS independent)|
|Dimensions (L x W x D):||127mm x 77mm x 12.5mm (1&2TB) – x 20.5mm (5TB)|
|Weight:||Approx. 9 oz. (1TB & 2 TB) Approx. 12 oz. (5TB)|
|Interface/Power Supply:||USB 3.0 (2.0 compatible) / BUS powered|
|Certifications:||RoHs, FCC, CE, USB, FIPS 140-2 Level 3|
|Warranty:||2 years (limited warranty)|
|Password Policy:||Strong password (7-15 chars) Alpha Numeric|
|System Compatibility:||Microsoft, iOS, Android, Linux, Chrome, Thin Clients,|
Embedded Systems (No software or drivers needed)
What’s in the box?
- SecureDrive KP (250GB SSD as tested)
- Quick Start guide
- 16″ USB cable
- Export Notice information sheet
Design and features
The SecureDrive KP is about the same size as all other external drives, measuring just 3″x5″x0.5″. There is no external power supply requirement, it simply operates off of the USB cable power.
One of the key ways the SecureDrive keeps your data safe is that there is absolutely no communication between the host Operating System (Windows, Linux, MacOS or similar) and the drive until the User enters the correct PIN via the onboard keypad. This prevents computer/software brute force attacks and/or hacking of the system.
Once the correct pin is entered the drives USB controller is unlocked to initiate communication between the drive and host OS. This also prevents any malicious firmware modifications/updates that might be intended to breach the security of the drive.
The drive uses 256 bit AES XTS Mode hardware encryption. This hardware encryption is much faster than software based encryption which can slow performance by 30% or more.
Speaking of performance, the USB 3.0 super speed interface provides for a transfer rate of 5.0 Gbit/s while being backward compatible with USB 2.0 for older hardware. The USB cable is 16″ long and appears to be a standard cable often used for portable drives.
The wear resistant keypad has a special coating which masks key usage, without such coating an attacker could determine the most commonly used keys. The drive requires a 7 to 15 character password.
A secure drive would not be completely secure if it allowed access to the electronics that control the drive. The SecureDrive is certified FIPS level 3 (U.S. government computer security standard) and every vital piece of electronics is covered with a tough epoxy coating cementing the critical components in an indistinguishable solid capsule. There are no externally visible means to open the drive enclosure.
The SecureDrive works with any host operating system (Microsoft Windows, MacOS, iOS, Linux, Chrome, Thin Clients, Zero Clients, Android & Embedded Systems).
The drive has a brute force anti-hacking self destruct feature that is triggered after entering an incorrect password ten consecutive times. When triggered it will crypto-erase the passwords, all User data and drive formatting. Basically, it will wipe the drive and it will reset the password to the factory password. The drive is still useable, just empty. I tested this feature and it indeed worked perfectly. This is probably a good point to mention that there are no techniques to retrieve the pin. There are absolutely no back-doors and all data will be erased permanently.
One feature I really like about this drive is that you can configure an admin password and a user password. This also allows you to optionally set the user to be read-only and set an inactivity autolock.
When there are an admin and user password set, entering the wrong user password ten consecutive times only erases the user password, the admin password and drive data remain intact. This prevents a malicious user from intentionally or accidentally erasing the drive.
Another feature I like about the drive is the inactivity autolock. The Drive can be set to automatically lock after a pre-set amount of time of inactivity. The default state of the Inactivity Lock is OFF. This is a great feature because regardless of how careful you are to re-lock the device, one instance of forgetting to lock it and the drive becomes vulnerable. This feature can be set to activate (lock) at predefined times between 1 and 60 minutes. The 60-minute limit is something I would like to see changed. For me, I work from home and would like the drive to remain unlocked all day, but then lock after 8 hours or so.
For the technical minded, here are some CrystalDiskMark tests from my setup:
What I like
- Physical keypad
- Compact design
What needs to be improved
- Auto lock times need to be longer
- Did not have a full printed manual with it, but PDF’s are on the drive and a printed quick start instruction sheet was provided.
The SecureDrive KP provides an easy and portable way to secure data and is available in the following capacities: 1TB, 2TB, 5TB, 250GB SSD, 500GB SSD, 1TB SSD, 2TB SSD, 4TB SSD, 8TB SSD.