In
this week's Tech Update column I referred to a new series I'm running here on the blog (and we will mention them in print if space allows) for the holidays that the editors decided to call “Tech under the tree.”
The first new product I've heard about for this season that will be a good fit for advisers is the Apricorn Aegis Padlock, a 756 GB portable secure hard drive (see the short slideshow below for a look at the device).
For those that are unaware of the potential for disaster and want to understand why it is important to begin using encryption with your client data check out the “related stories” below (it is not pretty).
With its small form factor (the drive itself is a 2.5-inch and the device weighs in at just 6.7 oz.), high-speed USB 2.0 connection, and no installation or software required, the Aegis Padlock is a convenient and secure way for those advisers that just have to transport their data with them.
If you must use a portable drive, this model provides you with some built in protections including a keypad requiring a six- or twelve-digit pin to unlock the device. There is software out there that can be used to harden a portable drive, meaning add encryption to it, but that requires extra effort on your part or that of your administrative/technology staff. There are also models that use biometrics (fingerprint scanners for example) or security tokens as well but again that can add an additional layer of complexity.
With this device you enter your pin and it unlocks the device. Otherwise the data on board stays encrypted while at rest (meaning when it is off/unplugged). The encryption level is your choice of 128-bit or 256-bit AES.
There is also an administrative feature that allows “enrollment of up to 10 unique user ID's,” meaning that the device can be shared between people in an office or team.
It is very simple to set up though, I did not go slowly enough when first setting up the device: I had a time getting the default administrative PIN number changed to my own choice but did after two tries. I believe I was just proceeding too quickly. The very clear directions on the single-page “Quick Start Guide” that accompanies the device are easy to follow even if there are seven steps. Despite my screw up, I still had it set up and ready to go within 10 minutes.
One caveat for Mac users: The device arrives preformatted in NTFS file format, which is for use with Microsoft Windows operating systems (XP, Vista, and Windows 7).
While the features table on the box list “Windows, Mac and Linux” on the row entitled “Compatibility,” keep in mind that to use the drive with a computer running a version of the Macintosh operating system you will have to reformat it (there are instructions on the reverse side of the guide referred to above).
Several things set this device apart in terms of security. First is its military grade
FIPS PUB 197 validated encryption algorithms.
Next, the device has a built-in “brute force self destruct feature.” Basically what this means is that the drive won't appear (for example in your Windows task tray or Windows Explorer) or be available after it is plugged in until it is unlocked — meaning the correct PIN number has been entered. After several incorrect entries (the company will not, for security reasons, state how many this is) the drive will lock itself. You or a thief/hacker would then have to unplug it and plug it in and start the process over again (the idea being that a more sophisticated thief/hacker would be inconvenienced and couldn't plug it in and run a program that continually hammers the device with potential PIN numbers). Lastly, once an undisclosed (again, for security reasons according to the company) number of failed PIN entries are made the device's own logic decides, “Aha, someone is really trying to hack me” and in turn self-destructs, meaning it deletes the valid encryption key. That takes the drive back to factory default, requiring a new PIN and encryption key and the encrypted data on it becomes useless.
While I plan to take a look at additional drives as time permits, advisers can, in the meantime, head over to
eWeek.com where my former colleague, Matt Sarrel, recently reviewed a couple of secure USB memory devices and portable drive.
For more information visit the Apricorn
Aegis Padlock page online.
Related stories:
Encryption is key to keeping client data safe from thieves
Data theft puts LPL clients at risk, Firm says its security is no worse than other companies'
Encryption and protection of client data, SEC, Finra, Massachusetts and Nevada
