Crypto Charade: Software Encryption of Portable Drives Is a Bad Joke with Terrible Consequences | DataLocker Inc.

12.29.22

The use of software encryption for portable drives is a flawed and dangerous practice with potentially disastrous consequences. It is akin to a charade, offering a false sense of security and protection.

5 REASONS WHY SOFTWARE ENCRYPTION OF USBs IS UNACCEPTABLE

1. Regular USB drives offer no protection for the stored software-encrypted data

One of the key differences between regular USB drives and other methods of data protection is that regular USB drives do not have any built-in mechanisms for protecting the data that is stored on them. This means anyone with physical access to the drive can simply plug it into a computer and access the information on the drive, regardless of whether that data is encrypted.

In contrast, other data protection methods, such as full disk encryption and TPM (Trusted Platform Module), offer additional security measures that protect the data on a device, even if it falls into the wrong hands. For example, full disk encryption uses a bootloader and a TPM to protect the integrity of the encrypted data, making it much more difficult for unauthorized users to access the data on the device.

Another critical difference between regular USB drives and other methods of data protection is that regular USB drives are often more susceptible to physical damage, such as being dropped or exposed to water or extreme temperatures. This means that the data on a regular USB drive can be lost or corrupted if the drive is not appropriately handled. In contrast, other data protection methods offer additional safeguards against physical damage.

In summary, regular USB drives offer no protection for the stored software-encrypted data, making them vulnerable to being accessed or manipulated by unauthorized users. Other data protection methods, such as full disk encryption and TPM, offer additional security measures that protect the data on a device, making them a better choice for protecting sensitive or valuable data.

2. Swapping encrypted data for ransomware/malware

Swapping encrypted data for ransomware/malware can be used by cybercriminals to gain access to corporate networks and steal sensitive information. The idea is simple: the attacker replaces the data on the software-encrypted drive with malware. The malware is automatically installed when the victim plugs the USB drive into their computer and can begin infecting the network.

One way to protect against this type of attack is to implement strict controls on the use of USB drives within the organization, although that would not protect against an approved software-encrypted drive that has been infected with malware. Limiting general usage will help narrow the attack vector. Controls can include requiring employees to register their USB drives and continuously scanning them for malware. Robust endpoint security solutions can prevent malware and ransomware from spreading across the network.

It is also crucial for employees to be aware of the risks associated with using unknown USB drives and to exercise caution when inserting them into their computers. In many cases, avoiding regular USB drives altogether can be the most effective way to protect against this attack.

3. Harvest now, decrypt later (it won’t be long before they access the data)

This is a “harvest now, decrypt later” attack, in which an attacker copies encrypted data without the user noticing. The attacker can then return the software-encrypted device, and there will be no sign that the data has been stolen. This could be an insider, cleaning staff, or anyone with access to the device.

One example of this attack is the use of distributed password cracking to recover the password for a software-encrypted USB drive. Once the password has been retrieved, the attacker can continue to access the encrypted data on the USB drive without the user’s knowledge. Companies like Elcom offer this service, and with the help of cloud-accelerated attacks, it is possible to attempt thousands of password combinations per second.

To protect against this attack, it is crucial to use strong and unique passwords to encrypt data and regularly change them to prevent them from being guessed or cracked. It is also essential to avoid unlocking encrypted devices on unmanaged computers, as this can expose the encryption key and make it vulnerable to capture. Individuals and organizations can better protect their data from these attacks by taking these steps.

4. User error: Erasing the security and exposing new data

When it comes to data security, one of the critical tools that organizations use is encryption. This involves encoding data so it can only be accessed by those with the correct key or password. Encryption is a powerful tool, but it needs to be foolproof. Users can expose new data even when encryption is used, potentially putting the organization at risk.

One common scenario where this can happen is when users work with software-encrypted USB drives. These devices are often used to transport sensitive data from one location to another. The data is encrypted on the USB drive, so it is still protected even if the device is lost or stolen.

However, users of these devices can accidentally erase the encrypted data. This can happen when the user wants to make space on the device for new data. To do this, the user may simply erase the encrypted data without realizing the implications.

Once the encrypted data has been erased, the user may transfer new data onto the device without realizing it is no longer encrypted. This can lead to a situation where the organization violates its compliance requirements, potentially putting the organization at risk of a data leak.
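The failure described above can be checked for mechanically. The following is an added example, not DataLocker's code: it audits a mounted drive for a missing encrypted container and for files that look like plaintext. The container name `vault.bin`, the 7.5 bits/byte threshold, and the sample files are assumptions constructed for the demonstration.

```python
import math
import os
import tempfile
from collections import Counter

CONTAINER_NAME = "vault.bin"   # assumed name of the encrypted container file
ENTROPY_THRESHOLD = 7.5        # bits/byte (assumed); ciphertext sits close to 8.0
SAMPLE_BYTES = 64 * 1024       # read only the head of each file

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

def audit_drive(root: str) -> dict:
    """Report whether the container still exists and which files look like plaintext."""
    container_present = False
    plaintext = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            if rel == CONTAINER_NAME:
                container_present = True
            with open(path, "rb") as fh:
                entropy = shannon_entropy(fh.read(SAMPLE_BYTES))
            if entropy < ENTROPY_THRESHOLD:   # also catches a tampered container
                plaintext.append(rel)
    return {"container_present": container_present, "plaintext": sorted(plaintext)}

def demo() -> tuple:
    """Constructed sample: a healthy drive, then the same drive after the user 'made space'."""
    with tempfile.TemporaryDirectory() as drive:
        vault = os.path.join(drive, CONTAINER_NAME)
        with open(vault, "wb") as fh:
            fh.write(os.urandom(SAMPLE_BYTES))   # random bytes stand in for ciphertext
        before = audit_drive(drive)
        os.remove(vault)                         # user deletes the container
        with open(os.path.join(drive, "payroll.csv"), "w") as fh:
            fh.write("name,salary\n" + "alice,52000\nbob,48000\n" * 200)
        after = audit_drive(drive)
    return before, after

if __name__ == "__main__":
    for label, result in zip(("before", "after"), demo()):
        print(label, result)
```

Compressed and media files are also high-entropy and will pass this heuristic, so the missing-container result is the stronger signal.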

In addition, when users mishandle software-encrypted USB drives, data corruption and loss can also become commonplace. This can be frustrating for users, who may blame IT, having assumed that the “security” was always on.

To avoid these issues, organizations should ensure that they provide clear guidelines and training to users on how to handle software-encrypted USB drives properly. This can help to prevent user errors that could expose new data and put the organization at risk. In addition, organizations should consider implementing additional measures, such as software encryption, to ensure that data is always protected, even when users handle it.

5. The software-encrypted device will need to be scrubbed or shredded

In addition to the features mentioned in the article, DataLocker devices also offer two-factor authentication for added security. This means that in addition to entering a password, the user must provide a second form of authentication, such as a security token or fingerprint, to access the encrypted data. This additional layer of protection makes it much more difficult for unauthorized users to access the data on the device.

DataLocker devices are also designed to be tamper-resistant. If someone attempts to open the device without authorization, the encryption key is automatically destroyed, rendering the data on the device permanently inaccessible. This provides an extra level of security for organizations that need to protect sensitive data.

Furthermore, DataLocker devices are compatible with many operating systems, including Windows, macOS, and Linux, making them versatile solutions for organizations with diverse technology environments. They are also available in various sizes and capacities, allowing organizations to choose suitable devices for their specific needs.

Overall, DataLocker hardware-encrypted devices offer a secure, easy-to-use solution for organizations that need to encrypt their mobile data. With automatic encryption, two-factor authentication, and tamper-resistant design, these devices protect organizations that need to keep their data safe.