Apricorn Aegis Secure Key – USB Flash Drives now FIPS 140-2 and HIPPA Compliant – UPDATED!

Apricorn Aegis Secure Key USB Flash drives are now FIPS 140-2 validated and HIPPA compliant.

950 0
950 0

Update May 28, 2014

The Truecrypt website is in a state of flux. We do NOT recommend using Truecrypt at this time. Please check back often until we have more clarity on the Truecrypt situation.

Original Post

A few months ago I purchased an Apricorn Aegis 8 GB Secure Key hardware encrypted USB flash drive.  These are super nice, easy to use, and very secure USB flash drives that just work regardless of what operating systems, computer and software you use! They also have 4 GB, 16 GB and 32 GB models to suit your budget or storage requirements.

Apricorn Aegis Secure Key FIPS Validated 4 GB USB 2.0 256-bit AES-CBC Encrypted Flash Drive ASK-256-4GB (Black)

The main reason to use these drives is for the security. What makes them so special is that you don’t have to worry about installing software and drivers on the host computer. The drives have a miniature 10-digit keypad so that you can configure and use a pass code of between 7 and 15 digits to secure your data. They are super easy to use. Just key in your pass code, press the unlock key and put it in the USB slot. Done! Your files are now unlocked and available on the host computer.

The Aegis Secure Keys have integrated hardware encryption circuits that use a 256-bit AES algorithm to protect your data. They automatically lock the instant they are removed from a computer or power is removed from the USB port. To prevent brute force attack, the units will destroy the key, effectively wiping the data, after 10 incorrect attempts at entering the pass code. The numbers on the keypad are wear resistant to minimize the possibility that someone could have hints at which keys you use most often. The electronics are also encapsulated in a tough epoxy making it extremely difficult for anyone to hack their way in without damaging the electronics.

The big news though is that the Apricorn Aegis Secure Key units recently received FIPS 140-2 certification. That means those of you in the health field now have a superb option for storing Patient Health Information (PHI) for on the go work. Those of you in larger organizations will benefit from the ability to set both an administrator pass code as well as user pass code. The drives can be reset with the data securely destroyed so that the devices can be safely reused again and again with different users and data sets.

I use Xubuntu Linux on all of my computers and I use the native dm-crypt encryption on all my drives, including cheap USB flash drives. This works great except when I have to interact with clients that use different operating systems. For those cases, I use the Apricon Aegis Secure Key to easily and securely move critical data between the different systems.

If you’re still using unencrypted USB flash drives to store critical data I recommend that you either learn how to use TrueCrypt or buy one of these Apricorn Aegis Secure Keys.  TrueCrypt is a great piece of software and I highly recommend it!  Unfortunately, it is NOT FIPS 140-2 validated so those of you working under HIPPA guidelines cannot rely on it to give safe harbor in the event a TrueCrypt encrypted USB flash drive is lost or stolen. These Apricorn Aegis Secure Keys however meet the HIPPA standard and will make your life under HIPPA easier should the worst happen.

If you’re really paranoid and can live with software encryption, you could also layer a TrueCrypt volume on top of the hardware encryption to make a drive that is even harder to crack!

 

In this article

Join the Conversation