REVIEW – By now, all of the Gadgeteer readers that follow me know that I use several portable drives for data storage and that recently I have been testing more encrypted drives to ensure the safety and security of my files including irreplaceable photos and videos from my clients. Now I have the chance to test the iStorage datAshur PRO2 – Secure Encrypted Flash Drive to see how well it works and if it will fit into my workflow.
What is it?
The iStorage datAshur PRO2 – Secure Encrypted Flash Drive, is a USB storage drive that utilizes various types of security technology to ensure that your data remains confidential and away from unauthorized users and security breaches.
What’s in the box
1 x iStorage datAshur PRO2 – Secure Encrypted Flash Drive
Design and features
Hardware: Hardware encrypted USB flash drive
Interface: USB 3.2 Gen 1 SuperSpeed USB
Data transfer rates: Read: 130.3 MB/s | Write: 116.5 MB/s
Battery: 3.7V Li-Polymer Rechargeable Battery
Capacities: 14 GB, 8 GB, 16 GB, 32 GB, 64 GB, 128 GB, 256 GB, 512 GB
Weight: With sleeve – approx. 37grams; Without sleeve – approx. 28grams
Dimensions: H/W/D – 87.40mm / 19.40mm / 13.40mm
Compatibility: MS Windows, macOS, Linux, Chrome, Android, Thin Clients, Zero Clients, Embedded Systems, Citrix and VMware
Hardware data encryption: AES-XTS 256-bit full disk hardware encryption
Certification: FIPS 140-2 Level 3, NCSC CPA, NLNCSA BSPA & NATO Restricted Level (Pending Q3)
- Independent user & admin PIN: Which makes it perfect for corporate and government deployment. If the user forgets their PIN, the drive can be unlocked by the admin PIN, the admin can then allow the user to set a new PIN.
- Bootable feature: Install an OS on the datAshur PRO² and boot directly from it.
- OS & platform independent – No software required: Works on any device with a USB port!compatible with: MS Windows, macOS, Linux, Android, Chrome, Thin Clients, Zero Clients, Embedded Systems, Citrix and VMware
- On-device Crypto-chip: Offering 100% real-time military-grade AES-XTS 256-bit Hardware Encryption with FIPS PUB 197 validated encryption algorithm
- Uniquely incorporates Common Criteria EAL4+ ready secure microprocessor: Which offers ultimate security against hackers, detecting and responding to tampering with features such as:
- Dedicated hardware for protection against SPA/DPA/SEMA, DEMA attacks
- Advanced protection against physical attacks, including Active Shield, Enhance Protection Object, CStack checker, Slope Detector and Parity Errors
- Environmental Protection Systems protecting against voltage monitor, frequency monitor, temperature monitor and light protection
- Secure Memory Management/Access Protection
- BRUTE FORCE HACK DEFENCE MECHANISM: Intelligently programmed to protect against all forms of brute force attacks.
- If the User PIN is entered incorrectly 10 consecutive times, the User PIN will be deleted and the drive can only be accessed by entering the Admin PIN in order to reset the User PIN. (Admin can change this from the default 10 incorrect PIN entries to 1-9, for the User only)
- If the Admin PIN is entered incorrectly 10 consecutive times, all PINs and the encrypted encryption key will be lost forever.
- Device reset feature: Deletes the encrypted encryption key, all PINs and renders all data as lost forever. The device can then be redeployed which randomly generates a new encrypted encryption key, a process that can be repeated as many times as required.
- Whitelisting on networks: Configured with a unique VID/PID and internal/external serial number with barcode, allowing easy integration into standard end-point management software (white-listing), to meet internal corporate requirements.
- Self-destruct feature: Pre-program the datAshur PRO² with a self-destruct PIN, once entered, the encrypted encryption key and all PINs are deleted and all data is rendered as lost forever.
The secure drive has a cover that protects the buttons and leaves only the keyring holder exposed. On the drive, there is a keypad for programming and using the drive.
The following shows the functions of the keypad as well as a description of the material used to construct the drive.
Setting up this drive and getting started is really simple. You first set up an Admin PIN, and then if necessary you can set up User PINs as needed. The drive does arrive already formatted as exFat, which makes it compatible with the latest version of Windows OS, and it can be easily set up for the MAC OS and the Linux OS. There are no drivers needed which adds to the ease of use and removes any additional user complications. Since it is available in capacities up to 512 GB, it should meet the needs fo most users that want a secure portable drive for their daily needs.
There are also features that include a Self-Destruct PIN and the ability to set an Auto-Lock time so that if the drive is left unattended, the data will not be compromised. The following charts provide descriptions for the various LED status indicators:
The following is a photo of the drive being used on my laptop:
If you would like more detailed information on this drive, click here.
What I like
- The solid build quality
- The features including the security options
- The keyring connector
- The universal compatibility
What I’d change
- The drive cover seems like with frequent use it could become loose and fall off while connected to your keyring. It needs a more secure clasping mechanism
Prior to testing this encrypted flash drive, all of the other similar drives were full-size SSD drives in enclosures. This drive is in the thumb drive footprint, but still provides security and programming via a keypad and does so in a small, rugged and compact size. Although there are a few features that I do not need for my workflow, I know that they would be of great use to larger organizations with more critical security needs. I really like the build quality, and the read and write speeds are more than acceptable. I give this device a well done and two thumbs up!!