The drives have a range of features, including hardware-based 256-bit AES data encryption, and have (or are in the process of receiving) varying levels of FIPS () 140-2 Level 3 validation.
The drives vary in form factor and size, including two flash drives, two hard drives and an optical line of disc drives. I thought the most useful one to review would the Defender F200, a biometric flash drive with all the bells and whistles, including a waterproof casing, a built-in fingerprint scanner and the ability to create multiple disk partitions.
The Defender is awaiting Level 3 FIPS validation, second only to Level 4 for overall security. To achieve FIPS Level 3, a device must have some form of physical tamper resistance, password authentication, and a physical or logical separation between the interfaces by which "critical security parameters" enter and leave a device and its other interfaces.
But all that security doesn't come cheap. The drive comes in capacities ranging from 1GB to 32GB and has a suggested retail price of $99 to $349, depending on its capacity. I find $99 for a 1GB flash drive outrageous, but if you need a device with the highest level of security, it may be worth it to you.
The Defender F200 drive is a bit beefier in size compared with a typical USB drive, but that's to make room for an ergonomically designed biometric finger scanner. The drive comes in a metal, "tamper-resistant" enclosure, which basically means there are no screws showing. However, you could easily slip a flat-head screwdriver between the joint where the upper and lower casing meet and force it open.
One thing I don't like is the large removable sleeve used to protect the finger scanner. I like USB drives that slide the body out or have flip-out hinges. That way, there's no cover to lose.
I don't think it's uncommon for people to in desk drawers, in the pockets of clothing headed for the wash, in car seats or under couch cushions. I've lost more than my share of flash drives to absentmindedness over the past several years, so I want any USB drive I own to have excellent security -- but still be simple to use. This drive absolutely fulfills that need.
The Defender F200 defends against unauthorized data access with two-factor identity authentication -- in other words, it demands two passwords -- and the aforementioned biometric finger scanner. The nice thing about this drive is that you can choose to use the security measures or eliminate the ones you don't want. For example, I chose to use only the fingerprint reader on my evaluation unit.
I've reviewed , and while I don't prefer them over simple password encryption, there are some obvious advantages, the main one being that you don't have to remember a password. Also, no one's going to be able to duplicate your fingerprint unless he goes to the trouble of hacking off your finger. A hacker (no pun intended) can always attempt to guess a password and will sometimes succeed.
One of the reasons I'm not crazy about biometric finger scanners on a USB stick is that you need a USB extension cable in order to position the drive comfortably when sliding your finger over the scanner. Imation provided a 6-in. cable with the Defender F200 for that purpose.
Another cool but optional feature for this drive is antivirus and central management software; that's more for the corporate user than for the average consumer, but it's important to note that they're available.
Imation partnered with MXI Security for its data encryption technology, which is powered by MXI's Bluefly processor. Larry Hamid, chief technology officer at MXI Security, said the chip's FIPS 140-2 Level 3 tamper resistance is achieved by virtue of the chip packaging, which has no openings and must be physically damaged in order to gain access to the interior.
"Trying to gain access into the chip package will have a very high probability of rendering the chip inoperable, which meets all of the FIPS requirements," Hamid said.
Identity-based authentication is built into the processor's firmware, which manages up to 10 users and two roles, such as administrator and user. This means up to 10 people can enter their fingerprints and/or passwords to access data on the device. To register your biometric signature, you swipe a finger across the sensor five times. An LED light on the drive will then go from red to green, indicating that the fingerprint is now registered on the drive.
"Since the USB interface is used to communicate both data and critical security parameters, they are not physically separate. They are logically separated by encrypted and optionally authenticated secure channels," Hamid said. "The secure channel implementation in Bluefly uses a FIPS-validated key agreement scheme and allows for multiple simultaneous secure sessions to be active at any time."
Because I used a to test this drive, the autorun feature did not automatically boot up the drive's setup window when I plugged the drive into the USB port. As the drive's manual instructed, I simply opened the drive's file system and selected the start.exe folder, and off I went. (Note: The setup window is also where you configure your administrator account and password for corporate control of multiple F200 flash drives).
The first thing the setup procedure asks for is your language (English is the default). It then asks you to personalize the drive. You can choose "standard" or "custom." By choosing "standard," you get only the biometric (fingerprint) security option, with no need for two-factor (password) authentication.
Like most good USB sticks with encryption, the Defender allows 10 password attempts before the drive permanently locks and requires a user to reformat it, wiping all data stored on it.
The default setting is for the entire drive to become one private partition, but you can also create multiple partitions. The ability to create multiple partitions on a flash drive is relatively new but by no means unique.
On the performance side, the F200 fell short. Using Simpli Software's , the drive revealed an average sequential read speed of 18.6MB/sec., a burst speed of 19.8MB/sec., a random access time of 0.8 milliseconds and a CPU utilization rate of 9%.
I then tested it with the . This freeware provides you with both read and write speeds. The drive's read speed again peaked at 18.4MB/sec. Its write speed peaked at 8.1MB/sec.
I compared it against the , which Computerworld reviewed a couple of years ago. The IronKey is also FIPS Level 3-validated, and has anti-malware and remote administrative control features.
HD Tach showed that the IronKey had a burst speed of 31MB/sec., an average read rate of 29.6MB/sec. and a 6-millisecond random access rate. In other words, the IronKey is almost twice as fast as the F200. (The IronKey's CPU utilization rate was also, at 22%, vastly higher than any other drive we tested.)
When it comes to pricing, Imation's Defender F200 seems high, but you have to remember that you're paying for an extremely secure device.
The drive comes in capacities ranging from 1GB for a suggested retail price of $99 to 32GB for $349. As of this writing, it was only available to resellers, but it should be on the general market soon.
Overall, the choice of Imation's Defender F200 comes down to a matter of security options over performance. If you really like the idea of a biometrics reader, the F200 makes sense. But if you're concerned with performance, the IronKey has the F200 beat hands down.
Lucas Mearian covers storage, disaster recovery and business continuity, financial services infrastructure and health care IT for Computerworld. Follow Lucas on Twitter at or subscribe to . His e-mail address is .