Security in a flash
GCN Lab Review | Biometric drive adds a layer of protection
- By Greg Crowe
- Jun 15, 2007
KEY USERS: The Stealth MXP not only adds biometric authentication to a key drive, but it can be partitioned for up to five users, which could make its price more palatable.
The greatest advantage of flash drives is their greatest weakness: their portability.
The ability to easily move data from one computer to another by means of a small USB key drive means that data can be very easily lost or stolen. Heightened security for these devices is a necessity if the medium is to survive in the government workplace.
The Stealth MXP from MXI Security, a division of Memory Experts International, takes care of that by providing a strong, two-factor (or even arguably three-factor) authentication in a USB flash drive that is small enough not to block other ports when connected to a PC.
The MXP's case is durable, and protects both the fingerprint reader and the USB plug when in the retracted position. This casing does make the Stealth MXP weigh more than a regular flash drive, but because we're only talking 1 1/2 ounces, the increased weight is not a big consideration.
We were pleased to see that the Stealth MXP has been given a Federal Information Processing Standards 140-2 Level-2 certification.
This means essentially that its security, which includes 256-bit Advanced Encryption Standard, can't be broken. This level of security puts the MXP ahead of most of its competitors, and it is no doubt something government buyers will find attractive.
The ACCESS management software keeps track of the fingerprint and password information for up to five different users. We were able to allocate a specific amount of drive space for each user ' space that would be accessible only to the user who is currently logged in. On testing, we found that the virtual drive spaces were totally inaccessible except to their assigned users.
While multiple users sharing the same key drive might seem strange, the increased cost of secure flash drives compared with nonsecure ones might make this a viable option.
The unit's ACCESS software also lets you register the prints of different fingers for a single user and control how many attempts are allowed for either fingerprint or password authentication. You can even set the overall false-match rate security level for the device, the first time we have seen this level of control in a key drive.
There is an enterprise version of the ACCESS management software available, too. This would let you centrally manage many of these devices.
You can set the authentication requirements for each user from needing fingerprint, password or both to log in and gain access. You can view this as two-factor (for either print or password) or even three-factor authentication, because, technically, having the flash drive itself counts as a factor.
This might be an odd way of looking at it, since a laptop PC, for example, isn't usually counted as a form of authentication needed to access that notebook.
But because the flash drive is so much more portable than any other form of storage, counting it as an authentication factor isn't too far out of line.
The $199 retail price of the Stealth MXP 4G drive might seem a bit on the high side, until you consider that this device can be shared by up to five users.
The GSA schedule price of $166 is a bit better, but still higher than you would want to spend for a single-user device, so sharing could be the way to go.
The Stealth MXP from MXI Security can help change the government's reluctance to allow the use of portable media in the workplace.
Greg Crowe is a former GCN staff writer who covered mobile technology.