Average Reviews:
(More customer reviews)We use Linux, a customer uses Windows, government requirements for one project require encrypted physical transport of data. After evaluating many alternatives, we bought an IronKey. There were several selling points but being able to wave the government approved NIST/FIPS 140-2 level-3 seal of approval ([...]), the cross-platform compatibility and the inability to use in anything but secure mode thus preventing user mistakes were the big ones for us. Additionally, it is designed to self-destruct if physically attacked or upon excess incorrect password attempts.
In use, when you plug the device in, it shows up as a CD-ROM containing the locker software for Linux, Mac and Windows. After you supply the appropriate password or phrase, the device unlocks and you will see a new USB drive show up. Depending on the specifics of your system, it will show up as a new drive-letter, automount or allow you to mount it manually. When done, just unmount, "safely remove" or whatever you system uses to unmount the drive then rerun the software to lock the key.
The Windows software is pretty easy to use. It generally just autoruns when the device is inserted and gives you access to the various device options. Most users will want to override the default self-destruct mode, which destroys and renders unusable the device after 10 incorrect password attempts, and set it to only destroy all data but not the device (they aren't cheap). Unfortunately, access to a number of features is limited to Windows. Hopefully they will update the Linux software to provide access to all features.
I haven't used it with a Mac but it works, with limitations and blemishes, on Linux. The limitations, noted above, are that some features like secure backup and the ability to change certain settings like destruct-mode seem only available on Windows. But once the destruct-mode is set, you can use the device fine on Linux. Also, how the device behaves varies from distro to distro. If you become root and run the software, it will just prompt you for a password and unlock the key. If you plug it in as a normal user and try to unlock it you might be presented with a response telling you that there are multiple keys available and asks you to specify which one. So far, I have always been able to unlock it as a regular user but I often have to specify a device to unlock:
Please specify which IronKey you wish to unlock.
found 2 IronKeys
CDROM Hard Drive Generic
/dev/sdc
/dev/sr1 /dev/sg3
In this case, running "/path/to/IronKey/linux/ironkey /dev/sg3" works fine. IronKey support is currently (2010-05-17) looking into this. With luck they will also provide updates to allow access to all available features from other than Windows systems.
In use the device has been speedy and robust. IronKey also claims that the key handles much higher rewrite activity than cheap USB thumb-drives.
After buying/testing one at work, I purchased another for personal use. I have accounts that are rarely used and which have secure passwords and it is nice to have those passwords and other confidential data with me without worry about losing the key. And in a pinch I can use whatever computer is available to me to access the accounts (if it is a machine I trust). The fact that it is also waterproof is nice since sometimes things accidentally go through the wash. However it is only waterproof when the cap is in-place and the cap is small and not attached to the drive so be careful to not lose it.
Truecrypt ([...]) is a wonderful and free encryption program that provides data security and may be an appropriate alternative where NIST certification is not required. I still use and recommend it. But I decided to plunk down the cash for the IronKey since I can keep it with me and use it virtually everywhere without installing software or needing root/administrative access.
Click Here to see more reviews about: Basic D200 32GB
Basic 32GB 256 AES Encryption; FIPS 140-2 Level 3 Certified, D200 Memory Device
0 comments:
Post a Comment