Page 14 - Security Today, March 2021
P. 14

“Updates in Prop. 24, they said, would create, among other things, a system to enforce CCPA and triple fines on companies that violated under-aged children’s privacy.”
means to secure such data is the use of encryption.
Encryption converts inputted information into blocks of basi- cally unreadable or undecipherable data. (Encrypted information is referred to as ciphertext, and non-encrypted as plain text.) En- cryption technology can be either hardware or software-based. And, yes, there is a difference between the two, with hardware
encryption being preferred.
Software encryption uses any of a variety of software pro-
grams to encrypt the data. As the data is being written or read, the programs, using the system’s or device’s CPU, encrypt or de- crypt it as applicable. While software encryption is cost effective, it is only as secure as the system it is used on. If the code or pass- word is cracked by being sniffed in the system’s memory, encrypt- ed data becomes an open book. Also, since the processor does the encryption and decryption, the entire system slows down, often to a crawl, when the encryption process is taking place.
A hardware-centric/software-free encryption approach to data security is the best defense against data loss, as it eliminates the most commonly used attack routes. This software-free method can also provide comprehensive compatibility with most OS or embed- ded equipment. Since the CPU is not involved in the process, the system does not slow down. Hence, it is much faster and more se-
cure than software-based encryption (e.g. Microsoft BitLocker). In addition, encryption can never be turned off in hardware-encrypted USB drives, whereas it can be removed on software-encrypted USB drives; this is the biggest weakness of using software encryption.
Such devices meet stringent industry security standards and offer the ultimate security in data protection to manage situations confidently and reduce risks. They are self-contained and do not require a software element on the host device. No software vul- nerability eliminates the possibility of brute-force, sniffing and memory hash attacks.
The best hardware-based encrypted devices use AES 256-bit encryption in XTS mode (the top of the line in encryption). It protects 100% of data stored and enforces complex password pro- tocol with minimum characteristics (or complexity such as mini- mum length, required number of character sets) to prevent un- authorized access. For additional peace of mind, some password authentication techniques lockdown after 10-incorrect password attempts and render the encrypted data unreadable (basically erased), and feature a read-only access mode to avoid malware attacks on unknown systems. This ensures that anyone who finds such a USB drive or attempts to hack an Encrypted USB drive equipped with such technology cannot access the information.
Some USB drives have increased security with digitally signed firmware that cannot be altered and a physical layer of protec- tion.
In choosing what type of encryption to use, your first choice should always be hardware- based, AES-256 bit XTS.
Richard Kanadjian is the business manager of Kings- ton Technology’s Encrypted USB unit.
14
MARCH 2021 | SECURITY TODAY 5/5/20 2:17 PM
Don’t Cloud your 4K image with a sub 4K Lens
Theia’s Award-Winning Lens Family
- 4-10mm & 12-50mm - 4K Resolution
- Day/Night - Compact - for up to 1/1.7”sensors
www.TheiaTech.com +1 (503) 570-3296
Untitled-11 1
E
Ev
va
a
l
lu
u
e Sample Today!
a
at
te
a
a


































































































   12   13   14   15   16