Using USB drive encryption to keep data secure

There are many options for USB drive encryption, from device hardware to software programs, and all of them can help keep corporate data secure

Mobile workers often put corporate data and files on USB drives to take on the road, so protecting those files and data in case a drive is lost or stolen is important.

There’s no denying the convenience of USB media, from flash drives to hard drives. Mobile workers and corporations everywhere use them. Their very portability and accessibility, however, makes USB drives prone to loss, theft and data leakage. USB drive encryption is the only viable option for corporations looking to protect valuable data while balancing control and accessibility.

Most new operating systems and applications offer USB drive encryption capabilities, and there are a number of third-party options as well. When choosing which USB drive encryption to use, the first decision is between file-by-file and full-disk encryption technologies. It may seem simpler to use the file-by-file encryption that is built into applications such as Microsoft Word and third-party compression utilities such as PKZIP. These temporary encryption technologies decrypt files on demand and may leave readable copies behind, so it may be better to use on-the-fly full-disk encryption, which is more secure and compatible -- and easier to use.

Another important choice is whether to use USB drive encryption hardware built into a device or to use a software application. Certain devices, such as flash drives from IronKey, offer high levels of encryption and feature anti-tampering technology to keep data even more secure. Many secure USB drives also include software for remote management and security policy enforcement, which may be appealing to corporate buyers.

There are plenty of software options for protecting USB drives, and they include TrueCrypt,  FreeOTFE and the BitLocker and FileVault software that comes with Microsoft Windows and Mac OS X, respectively. One advantage to using TrueCrypt or FreeOTFE is that these free software packages enable IT admins to create cross-platform drives compatible with Windows, Mac, and Linux computers. Some USB drive encryption software also lets admins create undetectable encrypted partitions on seemingly normal USB drives. It is even possible to create a drive within a drive, with one detectable drive for plausible deniability and another invisible drive that actually contains the data.

It has never been so easy to encrypt and protect data, and there are a number of exciting hardware and software choices. Many IT managers will be happy with the pre-packaged offerings from companies such as IronKey, Iomega, Kingston Technology and SanDisk. Admins who want to customize their USB drive encryption with cross-platform and truly invisible protection may choose instead to look at software from TrueCrypt and FreeOTFE.

Dig Deeper on Enterprise mobile security