DataLocker Sentry ONE Encrypted Flash Drive

Combining hardware encryption with plug and play simplicity.

Every year, 20 million unprotected USB drives go missing. If the data stored on those drives ends up in the wrong hands, you can lose public trust, put citizens at risk and suddenly find yourself in the middle of a PR scandal. Secure USB flash drives are an essential component of a comprehensive data loss prevention (DLP) strategy. The security must be implemented in the hardware in order to combat the evolving threat landscape. With your data stored on the hardware-encrypted Sentry ONE, it is always protected from unauthorized access.

Building on the design of our best selling Sentry 3 FIPS, the DataLocker Sentry ONE adds the flexibility of being centrally managed by the SafeConsole central management platform. Utilizing AES 256-bit encryption, this secure USB flash drive delivers ultimate portability and security. This next-generation, smart USB 3.2 GEN 1 drive is 100% hardware encrypted and is available in:

  • Standard Models
  • Managed Models – managed by SafeConsole (device control license required – license sold separately)


DataLocker Sentry ONE is available in standard or managed versions. The managed version requires a SafeConsole device control license. SafeConsole is a secure cloud or on-premises management platform that allows your organization to centrally manage compatible USB storage devices securely, easily and efficiently.


DataLocker Sentry ONE offers affordable military-grade security with AES 256-bit hardware-based encryption in XTS mode that provides always-on protection for your data. Unlike software-based encryption, the Sentry ONE encrypted flash drive’s cryptochip does not export encryption keys to the host PC, thereby protecting against cold-boot and malware attacks.


  • Tamper evident seal for physical security
  • The entire device is FIPS 140-2 Level 3* certified, not just the controller
  • Unlock in Read Only Mode to prevent files from being modified or infected with malware
  • Configure inactivity AutoLock to prevent unwanted access
  • Initiate a reset sequence after 10 consecutive incorrect password attempts and return to factory settings