While data breaches caused by online hackers tend get the most headlines, one of the most common ways that an organization’s data is compromised is through the loss or theft of computers and thumb drives. Just last week, a thumb drive containing the personal information of more than 700 patients at Oregon Health & Science University was stolen from the home of a university employee. Though most of this data was reportedly password protected, in many instances that’s not the case.
In an effort to address this growing problem, California-based Enova Technology has announced the launch of a new USB data encryption solution called the “Enigma,” which would render any stolen or lost thumb drive useless.
According to Bob Fleming, director of product marketing at Enova, the Enigma is essentially a USB-to-USB key management system, creating a connected pair between the computer or the network and the thumb drive. When someone connects a USB storage device to a computer using the Enigma module, the user is asked to setup a recovery password up to 32 characters in length, thereby making the user the only one able to retrieve the data.
"At any point in time when the product is involved, it will actually request from the storage device behind it authentication and it will ask for the presentation of keys," Fleming explained. "So, if the key presentation is equivalent to what enigma has in the key management then you will be able to see the data on the drive. If it’s not correct, you won’t be able to see the data. It’s a very simple, yet intuitive device."
The module can also prevent a user from downloading malware from a USB storage device onto their desktop PC or corporate network.
"We actually have an anti-malware suite of products. If you were to click on write-protect or safeguard boot sector, we can do both of those things," Fleming said.
The "write-protect" feature disables data from the thumb drive from being copied onto a computer while the "safeguard boot sector" feature prevents malware from infecting the Master Boot Record of a USB stick.
Although the company has sold data-at-rest security solutions to the U.S. Department of Defense and other government agencies since 2004, Fleming said the Enigma is the "tip of the iceberg" when it comes to the company’s product development roadmap for the business-to-consumer and business-to-business markets. He added that the Enigma module is an "enterprise play" for Enova and that it is ideal for organizations that are required to protect data inside their systems and "at-rest" such as the financial, insurance and healthcare industries.
"The enterprise play can take multiple dimensions," said Fleming. "We’ve heard from people who have used the product and tested it in the IT space, specifically with regard to helpdesk folks, they are very cognizant of downloading malware, a virus or spyware and now that we actually have a product that defeats those systems… we’re all of a sudden something unique in the marketplace and we look at being unique as being good at this point."
The Enigma is currently available in two models that use AES encryption (electronic codebook or ECB and cipher-block chaining or CBC).