Platform-friendly micro hard drive offers good encryption but lacks capacity
Stealth is all about prevention. This small-form-factor USB micro hard drive, roughly the size of a pack of cards and weighing approximately a third of a pound, is the latest in secured drive offerings from Memory Experts International (MXI). It uses biometric authentication and 256-bit AES (Advanced Encryption Standard) hardware encryption to keep data safe from prying eyes.
Portable biometric authentication is nothing new, but with MXI’s Stealth you can also move data from machine to machine fairly easily, as this drive works with hardware running Windows, Apple, and Linux OSes that support USB 2.0. There are two caveats: small storage capacity and no easy way to share encrypted storage space.
The Stealth unit has ruggedized rubber edges, which are nice if you accidentally drop the drive, but they make it difficult to slide it into your pocket. The unit comes with two USB cables and a USB micro connector on one side; on the back of the drive is a power connector so you may plug the Stealth in if the USB port doesn’t provide adequate power.
The Stealth micro drive I tested had a storage capacity of 2GB, decent enough for quite a few data applications and documents but not stellar. However, I really liked the fact that the Stealth drive has its own on-board CPU, drivers, and hardware-based cryptographic engine -- this way, authentication occurs on, and will never leave, the drive itself.
Stealth’s ACCESS Console administrative utility makes it easy to manage fingerprints and passwords. The drive itself is a user-focused device, so I had to run the ACCESS Console software off the provided CD to create users, enroll their fingerprints and passwords, and set up disk partitions and sizes.
ACCESS Console allows you to configure up to five users with two fingerprints each. Two different fingertips for authentication are requested — in case one is injured or for some reason the biometric scanner can’t read it. (For those curious about such matters, a severed cadaverous finger will only work until it dries out.)
Because I was the first to enroll, I was assigned a level of Administrator, with the capability to manage biometrics and associated drive access privileges. General Users have access only to their partition and the public partition. The two primary user applications are ACCESS Status and ACCESS Unlock. Status shows the current status of the drive; Unlock allows you to prepare the drive for a finger impression.
After I enrolled the users and chose authentication methods (biometric, password, or both), the drive became accessible upon connection via USB. The user runs either Status or Unlock utilities off the drive and provides authentication to unlock his or her specific user partition.
I would have liked to be able to set a timer on the partition, as once the user’s partition becomes available, that user must run Status to lock the partition again. Users also have to use the Status application to lock the device before running the Windows Safely Remove Hardware applet. Pulling the drive without locking it and safely removing it from Windows results in possible data corruption.
The FMR (False Match Rate) controls the granularity of the fingertip scanner. The scanner was accurate with even the default setting -- it occasionally asked me to rescan my fingertip, but it never incorrectly authenticated a user or locked me out of the drive.
An individual user stores sensitive documents in his or her own secure partition or shares documents in the public folder. Partitions, unfortunately, are tied to users (except for public). There are ways to create a shared encrypted partition, including creating a common password between two users on a third user’s account or making a third user out of other users’ separate fingerprints, but these methods are inelegant. It would be good to have a method for creating a shared encrypted partition in the administrator’s console.
A nice addition to the drive are the encryptable, hardware-based public and private stores, which are not accessible to the file system but can be used with MXI’s SDK. These stores can be used to integrate with applications for PKI and single sign-on, and come in at over 300K per Stealth user. With this capability, the Stealth drive becomes an extensible authentication method for enterprise applications.
Although Stealth might not save an organization from a malicious insider, it’s very usable. If the drive offered a user shareable encrypted partition and a larger capacity, I would recommend it whole-heartedly. As it is, Stealth will definitely find a niche, but it doesn’t bowl me over.
Ease of use (20.0%)
Overall Score (100%)
Microsoft buried a Get Windows 10 ad generator inside this month's Internet Explorer security patch for...
Hot or not? From the Web to the motherboard to the training ground, get the scoop on what's in and...
Microsoft’s 'Fall Update' promised to put the finishing touches on Windows 10 -- it doesn’t
For Android to win over the enterprise, it needs the right apps -- and these offerings definitely mean...
Internet messaging has broken the rule of universal communication standards, and it needs to be fixed ...
We're inundated with exciting new enterprise tech. But for it all to amount to more than the sum of its...
Splunk may be the most famous way to make sense of mass quantities of log data, but it's far from the...