iStorage DatAshur Personal
The DatAshur Personal from UK firm iStorage is an encrypted USB stick whose unique selling point is that the user gains access to the data stored on it by entering a PIN of between seven and fifteen digits. This design means that unlike rival encryption-based USB sticks, the DatAshur can be plugged into pretty much any desktop OS without the need for drivers or any special software to perform decryption.
It’s a PIN-entry design that the firm uses on a range of products, including the DiskGenie external hard drive Techworld reviewed four years ago, so the idea has been around for some time (the full range of PIN storage can be seen on the firm's website).
There are two models in the range; the DatAshur, an aluminium-clad model with FIPS 140-2 validation for high-security use and the cheaper, plastic-clad DatAshur Personal reviewed here that has most of the security features of the former without the same ruggedness.
The procedure for setting up and using the drive isn’t complex but quickly becomes fiddly. Resetting the PIN from its factory default to a secure alternative took us 10 minutes to perfect and proved hard thanks to the small size of the keypad and the need to pay attention to prompts from green and red LEDs.
Accessing the drive’s contents was a bit easier and involved pressing a key symbol before and after entering the chosen PIN and inserting into the PC within 30 seconds. This PIN can be a number or, in telephone keypad style, a word, although the latter option will potentially involve a lot more key presses not to mention good eyesight.
In terms of security, the drive uses AES 256 bit hardware encryption and an admin mode (using a separate PIN) that allows the drive to be configured as read-only. Removing the drive from the PC automatically locks it. As with a lot of secure USB drives, entering the PIN incorrectly 10 times will cause an automatic reset, protection against brute forcing.
Undoubtedly the DatAshur Personal offers a lot of security but so do rivals USB sticks built around hardware encryption. The advantage of using a PIN is that the drive can be used without drivers or any software with almost anything with a USB port that can see a filesystem, including Windows, Linux, Mac, embedded systems, thin clients and even Android devices.
A second advantage is that because the PIN is entered on the drive itself, keyloggers have no keyboard password to sniff.
The drawback appears to be price, with the smallest 8GB model based on USB 2.0 still costing £29, with the metal FIPS 140-2 version about twice that price. That’s about eight to ten times the price of the same capacity on a standard USB stick with no security, and roughly twice the price of rival products that come with an identical level of encryption security.
Unless the platform independence is a necessity, we’d say that the PIN entry and setup procedure is also too fiddly to recommend for anyone with larger than average (i.e. male) fingers. It worked quite well on the firm’s external hard drives when we reviewed unit in 2010 but scaling the idea down to a USB drive is probably pushing at the edge of what is usable.
As secure USB drives go, the DatAshur is expensive and we found it fiddly to configure and use for anyone with adult fingers. If it’s not used often there is a risk of forgetting the PIN number, which would mean a re-format and lost data for it to be used again. On the plus side, it requires no software to work on any desktop platform, be that PC, Mac or Linux and is undoubtedly highly secure should it be lost. Anyone using one of the larger drives to transfer lots of files will be disappointed to learn that it doesn’t support USB 3.0, more of an inconvenience than an oversight but worth noting all the same. The bigger question is does its design to a better security job for the money than the alternatives? A good example of the competition would probably be Kingston’s DataTraveler Vault Privacy 3.0, a cheaper secure USB stick that will work out of the packet with Windows and OS X. This has the same hardware encryption – AES-256 – with none of the fiddling with PIN codes before the drive is connected to the computer. Kingston offers the same basic design in a FIPS 140-2 version for not much more money with a longer guarantee of five years, which leaves the DatAshur Personal looking over-priced. The drive’s one important advantage is its ability to work with Linux systems, including Chromebooks, embedded systems and thin clients. For anyone needing that convenience, this is the best solution; users who don’t plan to go beyond the Windows or Mac world can find less expensive products elsewhere.