Portable encryption systems – keeping your USB / flash drive data safe

Flash drive securityUSB-based flash drives are a part and parcel of everyone’s life these days. Not only they are dirt cheap, they provide  substantial storage, making them extremely handy tools for carrying around large amounts of data, including personal  and official  information of sensitive nature.

What’s worrisome is that the data on an average flash drive is grossly unsecure and can prove to be a tremendous source of data leakage both from the personal front and an organization network if the drive falls into wrong hands.

Because of their tiny sizes these devices are prone to being lost or misplaced or worse yet – easy targets for thieves.  Both TechRepulic and PCWorld provide lengthy discussions on the kind of damage such an action may cause to an organization.

Good news is that there are numerous commercial and free / opensource solutions (both software and hardware based) to securing your flash drive data. This article attempts to provide brief overviews of the most well-known ones with an emphasis on those which are free and readily available to everyone. In each case, portability is the key criteria, as that’s what USB drives are for.

Hardware

Hardware ChipTo begin with,  hardware-based data protection systems (for flash drives) aren’t all that prevalent yet with not many viable (read inexpensive) options for the mass consumer market. For most part, these devices are targeted towards the SMB (Small and Medium Business) and Enterprise market.

Although dubbed “hardware-based encryption” these flash drives employ a dual layer of software and hardware to secure your files.

These drives come with two partitions – a normal partition for publicly viewable data and an encrypted one for all your sensitive information, with the ability to set the size of this partition (as a percentage of the total flash drive capacity) at will. All data flowing in and out of the latter is encrypted / decrypted on-the-fly using AES-256 by an encoder chip (hardware) built into the flash drive. To access this special partition one needs to provide a password. This authentication mechanism is where the software part comes into play. The whole process is transparent to the end user and doesn’t cause any noticeable loss in data transmission speeds.

Note that the authentication software (in most cases) is Windows compatible only! Hence, on other platforms (Mac, Linux etc.) your encrypted partition cannot be accessed.

Did you know…

even if you ever lose your USB stick it will take someone with a very powerful computer at least 100 years to decrypt the data using brute force?

The drives also sport automated self-destruct systems that securely wipes out  data on the encrypted  partition after a certain number of attempted break-ins. This effectively counteracts any brute-force cracking attempts, although you can give up all hopes of recovering your data. But then again – “Better safe than sorry”.

Some of the vendors offering hardware encryption based USB Flash drives are:

Among these, the drives from Kingston, SanDisk and Verbatim have been awarded the FIPS 140-2 Level 2 certificate issued by the US National Institute of Standards and Technology (NIST), which validates the USB drives for use with sensitive government data. Recently, a potential security hole was discovered in the drives from all three vendors – but that was primarily due to poor coding of the software counterpart. The actual encryption system still remains stands strong. Besides, patches have already been rolled out by all three vendors rectifying this problem.

If you’re the  paranoid kind and / or are strong on security these are the drives for you. But be prepared to shell out a thick wad in the order of $100 – $500 depending on the make and capacity of the drive.

Software

The pure software encryption systems have a couple of distinct advantages over their hardware counterparts:

  • They can transform any given USB disk into a secure storage location
  • Most such systems allow you to set a preferred cipher (encryption routine). Besides the default AES Blowfish, Twofish, DES, Tripple-DES etc. are also offered.
  • And finally, they come much, much cheaper than the hardware variants. The price range starts from “free” and goes up to $50.

As far as modus operandi goes, both hardware-based and software-based systems are virtually alike – except that, for the latter, the functionality of the hardware encoding chip is taken up by an additional layer of software. The same software that handles authentication is also responsible for encoding / decoding of the encrypted partition and a portable copy of the same is usually placed on the USB drive in order to avoid re-installation issues when working on a different PC.

USB EncryptionAnother added advantage is that one can create multiple encrypted partitions on the same USB drive. These so-called encrypted partitions aren’t “real” partitions, per se. Rather they are encrypted files that serve as containers for your data and are mounted as separate partitions by the software on-demand. Hence, it is possible to create as many of these partitions as you wish – each dedicated to a different kind of content (or as you see fit) – the only limitations being the total capacity of the flash drive and the availability of drive letters (on Windows). Like the hardware version, these data can be read from / written to these partitions on-the-fly.

Well-known commercial tools for this task are:

  • Encrypt-Stick – Employs Polymorphic Encryption. $40/license.
  • WinEncrypt CryptArchiver – Can choose between AES and Blowfish. $18 to $50/license depending on edition. A free edition – which limits volumes to 25MB – is also available.
  • I-Secure Key – Pricing and features are not clear from their website, but a fully functional trial version is available for download. This isn’t an encryption software per se and utilizes TrueCrypt behind the scenes to create and maintain the encrypted volumes.
  • Master Voyager – Apart from creating encrypted volumes on USB drives, this tool is also capable of creating encrypted CDs and DVDs. $70/license.
  • Discryptor – A pretty robust application with a strong set of features (and a lot of excess baggage like Parental Control, Employee Monitoring etc.) Licenses can range from $85-$2500 depending on edition. A free but limited Basic edition is also available.

And finally, onto the free and opensource ones.

  • TrueCrypt – Perhaps the best that there can be in this category in terms of features (and pricing). This utility offers support for unlimited encrypted volumes (as long as there are drive letters to mount on) and can encrypt entire existing partitions. The recent versions support something called Hidden Volumes where your actual data resides with a Fake counterpart stuffed with junk data to provide you with “plausible deniability” – in case you are forced to give-up your volume password to an adversary. Supported algorithms: AES, Twofish and Serpent. Probably, the only one to work on both Windows & Linux. Here is an excellent tutorial on using TrueCrypt. Advanced users will benefit from this tool.
  • Rohos Mini Drive – Easy to use portable application targeted at newbies. It creates hidden, encrypted volumes and can run on a guest computer without Administrative rights using File Virtualization technology. Caps the storage volumes at 2GB. Has virtual keyboard for protection from keyloggers. If it’s your first venture into the world of encryption, I recommend this utility.
  • SafeHouse Explorer – Another great utility with a similar set of features as Rohos. This tool presents you with an ever-familiar Windows Explorer like interface which you can use to drag & drop files and folder into the “private storage vaults”. Sports a graphical password strength meter to help you choose a good master password. A cool feature is the creation of self-executing click-and-run encrypted volumes. Recommended for basic users.
  • USB Safeguard – A free, lightweight and portable utility that works in drag & drop mode. Also features a safe-surfing mode that one can use while browsing from an internet cafe. Also a good recommendation for basic users.
  • FreeOTFE – A no frills yet powerful and portable opensource utility that supports numerous hash (including SHA-512, RIPEMD-320, Tiger) and encryption algorithms (including AES, Twofish and Serpent) in several modes (CBC, LRW and XTS) – providing a much greater level of flexibility than a number of other (including commercial!) OTFE (on-the-fly-encryption) systems. Has support for Linux volumes (Cryptoloop “losetup”, dm-crypt and LUKS). Works on PCs without no Administrator rights and has a PDA version too. Intended audience: both basic and advanced users.

Before I end, I’d like to mention this one other way which helps you encrypt data in a similar fashion without the aid of any third party software. This system utilizes the native data encryption mechanism of NTFS and works only on Windows-based computers. Online Tech Tips has a step-by-step tutorial on this. Be advised that this method limits your read / write activities to the encrypted partition on the originating computer only unless you are ready to export and carry around your EFS certificates.

Safe computing 🙂

AIMpromote: Lead Management & Reselling at its best

ManagementLead Management is the process of rapidly and effectively creating, nurturing, distributing and analyzing leads. The ultimate objective is to increase the likelihood that a lead will convert to a qualified opportunity and then into a new, satisfied customer. Lead management can be considered the connectivity between advertising and customer relationship management.

Traditionally, marketers have been the ‘idea’ people, experimenting with creative ways to generate leads and create awareness. The task of turning these leads into long-term customers was the responsibility of the sales people. However, the age of technology has brought with fierce competition. Sheer manpower cannot cope with the volume of leads generated and the trade associated with it. If a company has to survive and make it big – it mandatory for it to employ some sort of an automated mechanism that seamlessly encompasses sales, marketing as well as after-sales-service. When I say seamless, I mean a software that records every single instance of interaction with a customer in as much details as possible thereby enabling the staff to retrieve the information as and when necessary. Customers can interact with a diverse range of people from different departments in a company without ever having to repeat the history of their interaction each time. The benefits of such a system are far too many.

Customer RelationshipAIMpromote is an on-demand web-based software application that helps you manage the handling of sales leads. While essentially being a CRM software, it’s focused on handling leads. One of the special features of AIMpromote is the ability to sell leads (lead aggregation business). Passing sales leads outside of your enterprise to business partners presents a multitude of challenges. The lead flow process can become enormously complex as a multitude of interactions and subsequent actions begin to build up thus creating a variety of scenarios that can be both productive and counter-productive. AIMpromote enables you to manage such leads yourself then pass them onto a reseller client for a profit without having to worry about loosing business. This CRM tool presents your business partners with a list of prospective leads from which they’re free to cherry pick the ones that appear to them the as most conducive to their own businesses. However, you won’t have to spend sleepless nights over selling off an important lead by mistake. An active lead appraisal system warns you of each lead’s potential worth – so you are free to judge for yourself which ones you should let go.

The software is simply too vast to discuss in a short article – but apart from some heavy-duty lead management it offers Advanced Reporting Capabilities (Campaign performance, ROI etc.), Sales Force Automation (Marketing automation, Customs Tasks & Calendars, Newsletters, Auto-notifications etc.), a highly advanced User Management and Authentication system combined with a Support and Consultation mechanism. Last but not the least is easy Website Integration and Internet Marketing facilities. Moreover, since all lead related data contains sensitive private information, all transactions over the net are performed through secure, encrypted channels. All stored data is kept encrypted too using AES – which gives you another solid reason not to loose your nights sleep over.

AIMpromote certainly offers the best value-for-money when you compare the horde of features offered against it’s rock-bottom pricing (starting at $33.00). In fact it beats most other leading CRM softwares hands down owing to this.

And if you’re still not convinced you can always sign-up for a free full-featured 14 day trial.

Performance Data Resources – Your ultimate resource site for refurbished IBM hardware

Hardware (Motherboard)Offices who employ IBM AS/400, iSeries and i5 hardware may find solace in the fact that they don’t have suffer headaches anymore over the replacement of damaged but hard-to-find hardware.

Performance Data Resources or PDR Inc. is an authorised IBM Business Partner, who’ve been around since 1991 and is a leading solutions provider for IBM’s High-Availability (HA) series of hardware and software. PDR is a…

reliable source for diverse, hard to find, new and refurbished midrange hardware and to assist with issues ranging from simple device address & cabling problems to complex system tuning & troubleshooting assistance.

Apart from the server components PDR has an extensive product range that covers tape drives, modems, printer spares, routers/hubs, remote controllers, terminals, UPS-es etc. The software offerings include Web/Spam filter, POS & Barcode etc.

PDR maintains highly-trained technical staff certified to handle all issues pertaining to the e-Server series who provides you with a wide variety of solutions and services to meet your ever changing business requirements.

The listed prices for the spares are quite decent and they offer free shipping anywhere within the U.S. for packages under 50 lbs.

Next time your router goes for a toss you know where to head to.

HomeCamera: Peace of mind away from home

HomeCamera LogoDo you always keep worrying about your beloved pet while at office? Has the thought of someone breaking into your home started affecting you work? Wouldn’t it be lovely if you had a way of keeping a constant vigilance on your home and be at peace of mind every time you are away?

Now, if you are willing to utilise the technological edge there are plenty of solutions which can help you out in this. And HomeCamera – which is a recent entrant in this field – happens to do just that. It’s a simple, easy-to-setup service that offers you complete remote monitoring facilities for free. No extra (and fancy) equipment required other than a normal webcam. In fact, with this aptly titled home camera based solution you can hook up as many webcams as you like and monitor every square-inch on your house. On the move and don’t have a net connection at hand? No problem with that either. You can share you camera feeds with any of your trusted buddies and let them take over the monitoring task for a while. HomeCamera offers an archive section, in case you ever need to go back and check on any of the earlier feeds. All of this is accessible from any corner of the world using a standard browser. Here’s a screen-shot of their web-interface.

HomeCamera Web Interface Screenshot

Registration with this service is free and requires only a couple of steps. You need to have a valid email address for this. Once registered you’ll have to download their client software, install and enter your registration details in it and you’re good to go. The client auto-detects all the webcams you’ve got attached to your computer and lists them for your convenience. You can assign names & descriptions to each -which show up in the web-interface next time you login. There’s a pretty slick & accurate motion detection feature that automatically turns on the recording whenever there’s some moving object in the camera’s focal cone. That way you don’t waste valuable disk space or bandwidth by sending out a continuous video stream. You can even specify the length (duration) of each footage that is to be sent out to the HomeCamera server. Cool thing is that the recording isn’t limited to videos – it’s also possible to send out snapshots (pictures). Here’s a screen-shot that shows the motion detection in action. I tilted my head just a little bit and you can see the detection frame zeroing in on that region.

HomeCamera Client Interface Screenshot

The motion detection feature also sends out alerts to your email address and mobile phone (if you choose to) along with a link which directly takes you to the video footage. The mobile messaging part is possibly the only feature which doesn’t come for free. When you sign-up first, you start with 25 mobile credits but you’ll have to purchase additional credits once you exhaust these.

Alternatively, you can disable motion detection and specify an interval (say 10 minutes) at which the footages are sent out on a regular basis. This is called time-lapse recording.

Another big plus point is that HomeCamera virtually works with any given webcam. It also works most CCTV and wi-fi cameras.

As of now, HomeCamera is in it’s open public BETA stage and if you sign-up as a beta tester you automatically qualify for a free lifetime subscription to the HomeCamera Lite service. Moreover, all beta testers are eligible for special subscription rates for various HomeCamera services in future.

I’ve tested out this service thoroughly and as of now they seem to deliver every bit of their promise. This is a far more viable alternative to all the expensive hardware based monitoring systems available in the market. I highly recommend signing up for a beta trial. You can always take a tour of their site/services before you decide on signing up.

As a footnote I’d like to add that while this is a sponsored post, the views expressed here are entirely unbiased and based on personal experience of this service. In fact I’d been explicitly instructed by HomeCamera to express fair and impartial views.