A secure memory stick is a happy memory stick, and whether we realise it or not it’s what we all really need.

And like most things in computing there is more than one way to achieve this; the first is using software to provide a secure file area where you are able store your files. The second is to use a hardware enabled USB memory device with access control built in, and this is the main focus of this discussion. However which is better for you depends on your personal preferences.

Software based

Most software solutions work in the same sort of way. A secure area, or data container, is created on your USB memory stick and either a software driver is loaded to make this area look like a connected drive or you have an application window that opens up and provides controlled access to that area.

This is probably the most common way of storing data securely on a USB memory stick, but it’s not the only option.

Hardware based devices

What are they? Well a USB flash drive contains a microchip controller that communicates with host computers and controls the data in the flash memory chips. In hardware protected devices these controllers also contain hardware encryption algorithms that encrypt/decrypt your data when required.

So these devices can be a simpler solution to the data security problem, to just select a secure drive and you are away, well not quite. There are things to consider when selecting a drive, for instance how the device is set up. What is the all round protection it offers, from a software data security point of view and also the physical protection afforded by the device.

When one of these devices is inserted into a host machine the operating system recognises it and initiates data transfer. The interface software is then started prompting you for a password before access to the data contained on the device is granted. Most devices have a password fail counter that will either block or erase the data after so many failed attempts. The controller chip then encrypts/decrypts your data as required; generally to a 256 bit hardware based Advanced Encryption Standard level.

WARNING for, Mac / Linux users you need be very careful as many of these devices operate using software designed to ONLY work with Windows based systems.

Generally these devices have an open area and an encrypted area that holds your data, and setup is done through the installation interface.
These devices tend to be a little bit more expensive to compensate for the fact the data controller is a bit more expensive and that software has to be written specifically for the device.

Wait for another time when I compare some of the devices on the market.
John