Hardware vs software encryption for encrypted USB flash drives…

USB drives have proven their value for companies of all sizes, in many important ways. They have delivered tangible benefits as file sharing and mobility tools, as backup drives and much more. We are often asked about the differences between hardware-based and software-based encryption used to secure a USB drive, so in this blog we discuss just that.

Due to the ease and mobility of today’s USB drives, sensitive and valuable data stored within the USB drive can be easily lost or stolen. To combat the disadvantages of using standard consumer USB drives for storing and moving business data, Kingston introduced a range of secure USB drives designed specifically for corporate use. These secure, encrypting USB drives have helped businesses large and small transport their mobile data securely and confidently. Encryption of the USB drives can be performed two different ways, on either the hardware or software.

Hardware-Based Encryption

  • Uses a dedicated processor physically located on the encrypted drive
  • Processor contains a random number generator to generate an encryption key, which the user’s password will unlock
  • Increased performance by off-loading encryption from the host system
  • Safeguard keys and critical security parameters within crypto-hardware
  • Authentication takes place on the hardware
  • Cost-effective in medium and larger application environments, easily scalable
  • Encryption is tied to a specific device, so encryption is “always on”
  • Does not require any type of driver installation or software installation on the host PC
  • Protects against the most common attacks, such as cold boot attacks, malicious code and brute force attacks

Software-Based Encryption

  • Shares computers resources to encrypt data with other programs on the computer – Only as safe as your computer
  • Uses the user’s password as the encryption key that scrambles data
  • Can require software updates
  • Susceptible to brute force attacks, computer tries to limit the number of decryption attempts but hackers can access the computer’s memory and reset the attempt counter
  • Cost-effective in small application environments
  • Can be implemented on all types of media

How we can help

Complete IT Systems and Kingston Technology have the solutions, experience, accreditations and skills to provide your business with the security solutions you need. For more information call us on 01274 396 213 or contact us and we can call you back.