In this day and age, most businesses have employees that transport sensitive data beyond the trusted internal network with USB Flash drives. Many of you know about the Federal Information Processing Standard (FIPS) that is used to accredit cryptographic modules. The FIPS 140 Publication Series has been around for a decade now and if you have ever shopped for enterprise USB Flash drives you might have seen some advertised as FIPS 140-2 Level 2 Certified for example. FIPS 140-2 defines four levels of security and if you’d like to know more about these you can read about them here.
Many corporations are now requiring that their employees must carry a FIPS 140-2 Certified device with 256-bit AES Encryption to help keep corporate secrets and data safe and sound. The largest two players in that market are clearly IronKey and Kingston Technology.
IronKey came to the market bringing secure USB Flash drives to the market nearly a decade ago and have been focusing on security since day one. They have numerous FIPS 140-2 Certified devices, but they have two main models; the S200 and D200 that are both FIPS 140-2 Level 3 certified. The S2000 series uses more expensive, high performance and longer lasting dual-channel SLC NAND Flash memory components. SLC typically lasts 10 times longer than MLC and believe it or not these USB Flash drives do use hardware-based wear leveling, much like many of the Solid-State Drives (SSDs) found on the market today. IronKey rates these drives as having up to 27 MB/s read and up to 24 MB/s write speeds. Ironkey also has the more affordable D200 series available that has dual-channel MLC NAND Flash memory components on it. These drives have read speeds of up to 25 MB/s and write speeds of up to 17 MB/s. So, you lose about 30% of the performance, but the security remains the same. Both the IronKey S200 and D200 series are backed by a one year warranty. We will be looking at the basic and personal versions of these drives. The only difference here is that IronKey Personal also includes an online Identity Manager to safely generate, store, and backup strong passwords.
Kingston Technology has dominated the Flash memory market for years and they too, have FIPS 140-2 Certified devices on the market today. The Kingston DataTraveler 4000 is a FIPS 140-2 Level 2 certified drive that uses dual-channel MLC NAND. Kingston rates these drives as having speeds of up to 18 MB/s read and 10 MB/s write. Kingston has another drive series called the Kingston DataTraveler Vault Privacy Edition that is virtually identical to the DataTraveler 4000, but doesn’t have FIPS 140-2 Level 2 certification. The only other difference between the two drives is that the DataTraveler Vault Privacy has an aluminum casing and the DataTraveler 4000 has a titanium coating. Internally, both drives use same dual-channel MLC technology, but DataTraveler Vault Privacy Edition has faster speeds ratings of up to 24 MB/s read and up to 10 MB/s write. Essentially if your business isn’t required to comply with the FIPS 140-2 certification program you are better off with the DataTraveler Vault Privacy as you don’t have to pay for the certification. Both the Kingston DataTraveler 4000 and Vault Privacy Edition are backed by five year warranties.
On paper it looks like the IronKey solutions should be faster, but you can’t believe everything a company tells you when they are marketing a product they are trying to sell you. Since security is such a big deal to corporations these days we decided to order in these Flash drives and do some testing of our own. We’ve heard rumors and have experienced ourselves that review sites often get ‘cherry picked’ samples, so we ordered in as many drives as our $1000 self-prescribed budget would allow. You can look at our receipts from Amazon.com, TigerDirect.com and PConnection if you’d like!
The drives that we ordered in for testing are shown below.
Kingston DataTraveler 4000 Series
Kingston DataTraveler Vault Privacy Edition
IronKey S200 Series
IronKey D200 Series
As you can see the IronKey drives cost significantly more money, but remember they are rated as having better performance and they are FIPS 140-2 Level 3 validated. The Kingston DataTraveler 4000 series is rated at FIPS 140-2 Level 2 and the DataTraveler Vault Privacy Edition is not FIPS certified. Ironkey says that the FIPS 140-2 Level 3 builds on tamper-evident requirement of Level 2 by calling for additional safeguards. In the case of the IronKey device these defenses actively detect and respond to threats, such as someone scanning the memory, physically accessing the memory, or attacking the drive by trying to guess the password or crack the keys. Let’s take a look at the test system and then see how these drives perform!