Products from DataLocker do not rely on the storage medium for their security

OVERLAND PARK, Kan – November 15, 2018 – DataLocker today issues a statement regarding the Radboud University researchers’ report on SED SSD security weaknesses. The report documents self-encrypting SSD security flaws that are not present in any DataLocker devices.

“DataLocker does not use or rely on the security from any of the affected SSD drives. We rely on our own proprietary security module to fully encrypt standard storage media.. Our devices’ passwords are linked to the encryption key and there are no master passwords – the encryption is derived from the user password encryption is performed by a hardware based cryptomodule which has been validated by NIST through the FIPS 140-2 validation program. . Our customers can rest assured that their data is secure.” said Jay Kim, CEO of DataLocker.

DataLocker devices are protected by hardware encryption that is fully linked to the user’s own strong password in a proven architecture that exceeds the expectations of the most demanding customers. The attacks detailed in the research cannot be mounted, nor can the methodology be applied, against any DataLocker devices. The protection is in part achieved by utilizing dedicated protected security controllers separated from the storage controllers.

DataLocker portable storage products offer ultimate portability by combining 100% hardware encryption with plug and play simplicity. Add to this the control of centrally managing encrypted devices by either SafeConsole or the IronKey EMS central management platforms and the customer can get peace of mind and at the same time meet compliance requirements. An embodiment of DataLocker’s ethos Simply Secure is the Sentry K300 which now is verified as Citrix Ready. The Sentry K300 is the only platform independent, keypad, micro SSD to incorporate an OLED display to enable advanced security features. The display supports true alpha-numeric password-based authentication and a full-featured onboard menu system. With modern security policies requiring alpha-numeric passwords, the K300 is the only storage device with full support for alpha and numeric characters. Users can use the visual, menu driven system to change passwords, set password policy and enable other security features without ever consulting a manual.

About DataLocker

DataLocker (datalocker.com) is an innovative provider of encryption solutions. DataLocker offers encryption products such as external storage, cloud encryption gateways, and central management services for governments, military, and enterprises around the world. DataLocker owns leading encryption solutions under the DataLocker®, DataLocker Sentry®, SafeConsole® and IronKey EMS® brands. Headquartered in Overland Park, Kansas, DataLocker products combine superior convenience and usability with state-of-the-art security. DataLocker is “Simply Secure.”

Advisory Sources:

Microsoft MSRC ADV180028 | Security Advisory
Guidance for configuring BitLocker to enforce software encryption