I have always been a bit skeptical of the IronKey secure flash drive. While boasting some sexy features, the cost seemed probitive and unjustified to me. After several reader questions I decided it was finally time to get one of these devices and try it for myself. The result: I’m convinced that this is the ultimate in secure, portable data. Due to its extreme cost I am still not converting over fully to IronKey, but I would if I could afford to. There are several features of this device that make it desirable to both enterprise users and the privacy-minded.
IRONKEY SECURE FLASH DRIVE
Superficially, this is a very nice drive. The brushed metal case is handsome, and is epoxied to the “guts” of the drive. This adds both robustness and waterproofness. I have no concerns whatsoever about the IronKey being able to withstand daily abuse. The construction also limits the ability to an attacker to disassemble the device and attempt to disable the self-destruct feature. If I have one complaint about form-factor it is size. I do wish the device were a little smaller. It is larger than I prefer for daily pocket carry.
When it comes to data security, nothing that I am aware of approaches the IronKey secure flash drive. First, all of your data is encrypted on the device using AES-256. Encryption occurs not through a software solution like VeraCrypt, but through a dedicated hardware chip. IronKey calls this the “crypto chip”. Encryption at the hardware level is much harder to defeat than software encryption alone. This can alleviate fears of the device being disassembled and the hardware being directly forensically attacked.
The other major security feature is the ability of the IronKey to self-destruct. After 10 incorrect passcode attempts a hardware mechanism activates that physically destroys the device’s storage. This renders the data completely unrecoverable, and protects your data against brute-forcing attacks against the password. It also renders the device unusable – ever. The IronKey presents multiple warnings before you device is destroyed. After three consecutive bad password attempts you must remove the IronKey and re-insert it. On the tenth attempt you will receive two back-to-back warnings. If the tenth attempt is incorrect, your device self-destructs ala Mission Impossible. Sadly there is no puff of smoke, only a red LED on the device.
Another feature that I fell in love with is cross-platform compatibility. With the IronKey you don’t need to install a program to decyrpt your files. You simply plug the drive in and wait for the password prompt to appear. After entering the password the drive will mount, and you can access your files. It works on Windows, Mac, and Linux computers, with or without administrator privileges.
THE BOTTOM LINE
The IronKey secure flash drive is an extremely well executed device. It is timelessly stylish, rugged, and protects your data to an almost shocking degree. However, it is cost-prohibitive for most users. List prices range from $109 (S250, 2GB) to $849 (S1000, 128GB). I have found these to be somewhat cheaper on Amazon.com, but not by much. By contrast a decent 128GB USB flash drive can be had for around $40. If you can afford the IronKey, go for it. If you have sensitive files that require the utmost security, go for the smallest one that will accomodate your needs.
If you enjoyed this article and would like exclusive content, sign up for the Operational-Security Newsletter.