If you're looking for maximum security for your data on a portable drive, the Digisafe DiskCrypt Mobile may be the most secure solution you can buy
We’ve seen high-security drives before, featuring numeric keypads. They offer one crucial advantage over any attempts to lock down data with software – they work entirely independently of the PC.
This brings two unmissable benefits. They will work on just about any computer, regardless of age and choice of operating system, making them much more useful in this multi-platform world. And they won’t be compromised by existing weaknesses in the PC’s security.
For example, the perfect software encryption on your Windows PC is useless if that computer has already been compromised by a web-borne Trojan and is busy logging your every keystroke. You can create the longest and most obscure password imaginable, but it’s useless when the entire phrase is being recorded, key by key.
A popular model of keypad hard drive in the UK at the moment is the diskGenie, distributed here by secure drive specialist iStorage. The diskGenie has ten press-button number keys, and connects by USB 2.0.
The Digisafe DiskCrypt Mobile, also sold by iStorage, is based on a similar idea, but with three key differences.
Instead of real clicky buttons to enter your unlocking PIN code, the Digisafe DiskCrypt Mobile has a touch-sensitive glossy plastic screen. Such touchscreens may be all the rage on all kinds of consumer electronics devices, from printers to smartphones, but using one here introduces a potential security risk.
The panel is a fingerprinters dream, showing clearly where even the cleanest fingers have pressed before. In itself, that won’t help a hacker crack your code – but it certainly reduces the odds if only the required numbers are all known.
The second difference to the diskGenie will mitigate against a brute force attack based on trials from greasy digits. The Digisafe DiskCrypt Mobile relies on two-factor authentication; more than just an eight-digit PIN, you must also supply a security card into a card slot on the unit’s base.
This card is exactly like a modern UK credit or debit card, replete with an embedded integrated circuit, à la Chip-and-PIN.
The third difference: to step up from the dawdling speed of USB 2.0, the Digisafe DiskCrypt Mobile adds a nice pair of FireWire 800 ports.
That should be especially useful when you need to fill a 500GB drive in one sitting. Over USB 2.0, that’d take nearly nine hours on a diskGenie. We’d hope that FireWire 800 would allow the job to be done in around one-third the time.
The Digisafe DiskCrypt Mobile, designed and made by ST Electronics (Info-Security) of Singapore, is sold as an empty disk enclosure into which you can easily slip your own 2.5in SATA hard disk. Alternatively, iStorage sells the DiskCrypt pre-stuffed with a hard disk, of either 250GB, 320GB, 500GB or 640GB capacity.
Additonally, two security levels are offered for the Digisafe DiskCrypt Mobile, either AES 128-bit or AES 256-bit encryption.
Prices of the various version of drive are far from cheap. Starting price for an AES-128-secured enclosure is £158.40. The same enclosure with AES-256 is more than double the price at £310.80.
Add the smallest 250GB hard disk to the latter model, and the price goes up to £466.80.
We tested an AES-256 model of the Digisafe DiskCrypt Mobile with 500GB hard disk inside, priced at £502.80. That's exactly £192 more than the bare enclosure, in order to include a Western Digital Scorpio Blue 500GB notebook drive inside.
Or you could buy the empty enclosure and buy the same WD drive from most retailers for £45 – less than a quarter the price.
Exchanging drives is very straightforward, just requiring you to depress some catches on the side and prise the back panel off.
In fact, it’s almost too easy to get that back off. In terms of security, there’s little a hacker could do though, to retrieve your data from a drive liberated from within. They would need another Digisafe enclosure, the correct PIN and the right smartcard.
The Digisafe DiskCrypt Mobile combines PIN code with a smartcard to create two-factor authentication security
The entire Digisafe DiskCrypt Mobile drive is said to be encrypted – that’s full-disk encryption (FDE) – so loading the bare drive on any other system will just elicit seemingly random data bits thoughout.
If you’re feeling flush and don’t have too much data to secure, you could even pop a 2.5in SSD inside, as iStorage itself does with some models of diskGenie that it sells.
A solid-state drive offers the valuable advantage of shock resilience. It’s also arguably more secure in ters of ‘deleted’ data, as an SSD can be wiped in a single pass of zero-writes, where a hard disk requires multiple security wipes to completely remove any memory of its previous data.
Design and Build
The case of the Digisafe DiskCrypt Mobile is made from lightweight plastic with a matt non-slip coating that may mark easily with general use.
The front touchpanel uses thinly weighted fonts for its numbers and text. Combined with less than stellar backlighting, it’s very difficult to read those buttons in bright daylight. We also found the touchscreen somewhat insensitive to presses - you need to push quite firmly to get button presses to register, answered with a beep.
After connecting to a computer by FireWire or USB, you insert the smartcard and type in your eight-digit PIN, followed by the Enter key.
You’re advised to first change the user PIN from the default 12345678, as well as change the admin PIN. The latter allows you to register a new smartcard to the drive if required.
Two smartcards are included with the unit, both pre-registered, and it’s possible to have different user PINs for each card.
That’s worth bearing in mind, if only from the paranoid-consciousness point of view: you may have set your own user PIN on your card, and even reset the admin PIN. But if someone finds an unused second card in the box, they can gaily access the drive’s contents, using that card and the system’s default user passcode.
If you lose your cards or need to add more users, iStorage sells these at £130.80 for ten, or £14.40 each.
But bear in mind that if you lose all registered cards, you’ll also lose all your data.
The addition of FireWire 800 ought to overcome the traditional problems of slow transfer over USB 2.0. Our usual benchmark testing in Windows told a different story though.
Our tests were carried out on our lab test machine, a Chillblast Antec Skeleton with Windows 7 Home Premium 64-bit, plus an Apple MacBook Pro (4.1) running Windows 7 Ultimate 64-bit as well as Mac OS X 10.6 Snow Leopard.
Using tools such as HD Tach and HD Tune Pro, we saw read speeds of only around 30-35 MBps; that’s comparable to the slow USB 2.0 standard.
And write speeds were even worse – appallingly low in fact, at 5 MBps. At this low transfer-rate, it would take over 27 hours to fill a 500GB drive to capacity.
So we tried some real-world tests of the Digisafe DiskCrypt Mobile with file transfers in Windows 7, which bore out those low synthetic benchmark measurements. Copying 6GB-worth of 1.4MB files took 25 mins 35 secs, equating to a transfer rate of 3.9 MBps. That suggests a complete top-up time of over 35 hours.
In Mac OS X though, real-world transfer tests were in line with expectation for the FireWire 800 standard.
Write speeds were at around 60 MBps, while read speeds reached around 80 MBps. A complete drive top-up here would take a little over two hours.
NEXT PAGE: our expert verdict >>