The USB ‘thumb' drive started life as a simple way to move files around without company admins knowing anything about it, a sort of sneakernet for the 21st Century. This period of naïve technological glow lasted about a year. Pretty quickly, IT departments caught on to the lurking dangers, namely that people could use them to pilfer sensitive data, or just lose it in unencrypted form down the back of a sofa.

From being a convenience, USB drives because a stress, but did at least launch a sizable industry producing products to block, control, counter and tame them. More recently, vendors have returned to the basic design of the drives themselves, adding features that overcome some of the basic problems of the first-gen drives, especially security.

Something odd has happened though. As vendors add more and more features, the drives have slowly been turning into simple ‘parasitic' computers, with their own apps, security, storage and ability to firewall themselves from whatever PC they have been plugged in to. This is what almost happened with the U3 standard in 2003, but that was slow to take off because ISVs had to write special ‘U3' apps, which few could be bothered to do.

More recently, U3 backer SanDisk more or less threw in the towel and collaborated in a new venture with Microsoft called StartKey. SanDisk has talked of its plans for ‘computers on a stick' (our phrase, not theirs) without offering a great deal of detail. The world waits for further developments on this front.

Meanwhile, SanDisk has ploughed on with its conventional USB drives, adding automatic 256-bit AES encryption, which first appeared on the Cruzer Pro we looked at some months ago, and which reappears on the more Cruzer Enterprise looked at here.

The Cruzer Enterprise's encryption works in much the same way as does the standalone product, asking the user for a complex passphrase, which is used to encrypt all date heading to the drive from that point on using a built-in chip. Attempts to guess the password cause the drive to enter ‘lock-down' mode which makes all data inaccessible.

One brand new feature is built-in McAfee anti-malware scanning, which monitors all files moving to and from the drive for infection, as well as scanning the host PC itself when first attached. Security parameters on the drive's console are limited to updating the signatures being used to detect malware. Note that while the integrated protection is free of licensing, customers need to pay for the separate CMC (Central Management and Control) server, needed to manage a fleet of such AV-enabled drives. This can also look after the encryption and remote drive wiping.

Businesses using RSA's RSA SecurID software authentication will note that the Cruzer can function as a token on such networks, a neat if proprietary extension to its security features.


What's to like that takes the Cruzer beyond the incarnations already out there? The encryption design is still excellent, but that's been around for a while. The integrated malware scanning using a McAfee system is worthy too, but the level of control and scanning depth is probably modest. It's impossible to say that infected files couldn't get on to the drive, but perhaps that's holding the drive to too high a standard of perfection. It should be remembered that very few USB drives come with any protection at all.

If SanDisk's plans are to be believed, the best is still to come for the Cruzer Enterprise, including tantalising talk of turning it into a complete mini-virtualised environment on a stick. We will see, but in the meantime the Cruzer has competition in the form of the well thought out IronKey, which we plan to review next month.


A separate FIPS 140 level 2 version of the Cruzer Enterprise is available for companies that need such security assurance. This mainly offers protection against physical tampering. For competition see equivalent products such as the IronKey, which now also comes with a decent-looking management console.