The Defender F200 defends against unauthorized data access with two-factor identity authentication -- in other words, it demands two passwords -- and the aforementioned biometric finger scanner. The nice thing about this drive is that you can choose to use the security measures or eliminate the ones you don't want. For example, I chose to use only the fingerprint reader on my evaluation unit.
I've reviewed other drives with finger scanners, and while I don't prefer them over simple password encryption, there are some obvious advantages, the main one being that you don't have to remember a password. Also, no one's going to be able to duplicate your fingerprint unless he goes to the trouble of hacking off your finger. A hacker (no pun intended) can always attempt to guess a password and will sometimes succeed.
One of the reasons I'm not crazy about biometric finger scanners on a USB stick is that you need a USB extension cable in order to position the drive comfortably when sliding your finger over the scanner. Imation provided a 6-in. cable with the Defender F200 for that purpose.
Another cool but optional feature for this drive is antivirus and central management software; that's more for the corporate user than for the average consumer, but it's important to note that they're available.
Imation partnered with MXI Security for its data encryption technology, which is powered by MXI's Bluefly processor. Larry Hamid, chief technology officer at MXI Security, said the chip's FIPS 140-2 Level 3 tamper resistance is achieved by virtue of the chip packaging, which has no openings and must be physically damaged in order to gain access to the interior.
"Trying to gain access into the chip package will have a very high probability of rendering the chip inoperable, which meets all of the FIPS requirements," Hamid said.
Identity-based authentication is built into the processor's firmware, which manages up to 10 users and two roles, such as administrator and user. This means up to 10 people can enter their fingerprints and/or passwords to access data on the device. To register your biometric signature, you swipe a finger across the sensor five times. An LED light on the drive will then go from red to green, indicating that the fingerprint is now registered on the drive.
"Since the USB interface is used to communicate both data and critical security parameters, they are not physically separate. They are logically separated by encrypted and optionally authenticated secure channels," Hamid said. "The secure channel implementation in Bluefly uses a FIPS-validated key agreement scheme and allows for multiple simultaneous secure sessions to be active at any time."
Sign up for Computerworld eNewsletters.