GoldKey USB Data Security Token ReviewFri, Dec 23, 2011 - 12:00 AM
GoldKey USB Data Security Token
Goldkey Security Corporation (http://www.goldkey.com/) is a data security company that offers a variety of products and services to any organization that has mission-critical data to protect. It sells its products in 40 countries worldwide and counts NASA, TSA (US Department of Homeland Security), Missouri Division of Fire Safety, Boston Borough Council UK, Sacramento City USD, New York City Transit, Helzberg Diamonds, American University of Washington DC, University of Arizona, Baylor University, and Baylor College of Medicine among its clients.
Today we will be reviewing a combo package containing one GoldKey Token and one GoldKey Master Token which is available for $199 from the Goldkey Store.
waterproof, tamper resistant and tamper evident
|Supported operating systems||Windows
XP/Vista (with middleware), Windows 7
v10.6 or higher
|Standards||NIST PIV spec SP-800-73-2 and SP-800-73-3, X.509 v3 certificate storage,
CCID, USB 1.1
|Card Capability Container,
Cardholder Unique Identifier, X.509 Certificate for PIV Authentication, Cardholder
Fingerprints, Security Object, Cardholder Facial Image, Printed Information, X.509 Certificate
for Digital Signature, X.509 Certificate for Key Management, X.509 Certificate for Card
Authentication, the Key History Object, twenty Retired X.509 Certificates for Key
Management, and Cardholder Iris Images
|Up to four X.509 certificates
(up to twenty-four X.509 certificates with custom software)
|AES, 3DES, RSA-1024,
RSA-2048, ECC Curve P-256, and ECC Curve P-384
12 x 4.5 mm (1.18 x 0.47 x 0.18 inches)
|0°C to 70°C (32°F to 158°F)|
to 85°C (-40°F to 185°F)
type A (Universal Serial Bus)
The GoldKey Token enables 256 bit AES encryption and decryption of data stored on a local PC, a networked server, or even cloud based data on GoldKey’s Vault servers. It also can be used to enhance Windows login security and e-mail access.
Each GoldKey is a stainless steel, waterproof, tamper resistant, and tamper evident USB device. They have no batteries, so the life expectancy of each GoldKey under
heavy use is at least 10 years. It can use a variety of security algorithms, including AES, 3DES, RSA-1024, RSA-2048, ECC Curve P-256, and ECC Curve P-384.
The combo package came in a small plastic box with the GoldKey Token and Master Token inside. The writing inside the package instructed us to download the manual from GoldKey’s website.
Once downloaded, the PDF manual is very well written, and walks both novice and experienced users through the simple process of setting up a GoldKey Master/Token relationship, as well as covering advanced topics like Active Directory use and Smart Card functionality with certificates.
The Goldkey software must be downloaded from Goldkey’s
website. The program works with Windows XP,
Vista, or Windows 7 (32-bit or 64-bit) and Mac OS X 10.4 (OSX
Tiger) and higher (although the GoldKey tokens are only officially supported on
OSX 10.6 and higher). The software adds support for the GoldKey Security Token to the PC and enables the use of the following features:
- Multi-factor authentication for various types of online accounts.
- On-the-fly file encryption secured by GoldKey.
- Master administration (requires a Master Token).
- Secure access to GoldKeyVault storage.
Windows account lockdown (Vista or higher).
We downloaded version 7.1.11 of the software and installed
it on a Windows 7 64-bit laptop.
After inserting the Master, we were prompted to personalize
the Master. It asked for an 8-character
PIN to be established to secure the Master, along with three security questions
and finally the user’s legal name, e-mail address, and phone number, which can
be used in case the GoldKey is ever lost.
Once the Master key has been personalized, we are able to set up the GoldKey. The Goldkey software then creates a secure drive on the local hard drive that can only be unlocked with the GoldKey. Once the proper Goldkey is inserted and the user’s PIN is entered, the secure drive is unlocked until it is locked again.
Here is a quick video on the GoldKey hierarchy in case you are confused a bit.
GoldKey also supports what it calls “Right-Click Encryption”,
which is used to encrypt a specific set of files or folders that don’t reside
within a secure drive. Using this method, any file or folder already residing on a PC can be encrypted and limited to GoldKey access only.