London’s InfoSecurity conference and exhibition is now mercifully behind us, for another year.
But has the balance between hardware and software centric security provisioning been fully addressed by now?
We understand that without secure software there can be no secure hardware (and, hence, no secure data)… but do we further understand that without secure hardware running embedded security software, there can be no secure data in any location?
IoT security fabric
In a world now seemingly dominated by the Internet of Things (IoT) and devices that need to sport ever-increasing layers of security throughout the very fabric of their being, where do we decide where the security fabric really starts?
This tautological question was thrown up recently when CWDN received news of the iStorage PIN-authenticated hardware-encrypted portable data storage range of devices.
These USB 3.1 Hard Disk Drives (HDD) and Solid State Drives (SSD) include the diskAshur², diskAshur² SSD, diskAshur PRO², diskAshur PRO² SSD and the diskAshur DT² all of which are designed, developed and assembled in the UK.
The new drives feature what the company is calling Enhanced Dual Generating Encryption (EDGE) technology.
Essentially still ‘just’ a piece of hardware, iStorage uses a secure microprocessor with what the company is calling Enhanced Dual Generating Encryption technology to create features including: Self Destruct, READ-only (Write-Protect) & READ/WRITE modes.
Who’s gonna drive my driver?
The product requires no specific drivers and works straight out of the box (all hosts will have a USB Host controller).
With the forthcoming GDPR regulations in mind, these products are compliant and also boast built-in physical protection mechanisms designed to defend against external tamper, bypass laser attacks and fault injections.
According to iStorage, the drives within this range react to automated hacking attempts by entering the deadlock frozen state, which renders all such attacks as useless.
The developer angle
“Our new range of diskAshur hard drives are bootable and will run operating systems, PST files and secure applications where developers can write their own software — this functionality can run from any of our diskAshur hard drives,” said the company, speaking directly to the Computer Weekly Developer Network.
Thinking about storage of cryptographic keys and digital certificates in cloud based solutions. As an alternative solution, these drives would take that responsibility away from the cloud or supplement a cloud-based solution, offering (it would appear) double the protection.
The iStorage diskAshur range is platform/device independent and works across all operating systems including all versions of Windows, OS X, Linux, Android, Chrome, thin clients, zero clients and embedded systems.