Remote workers who need to carry confidential documents and securely access corporate resources often depend on two small pieces of hardware: a USB flash drive that can be encrypted, and an RSA SecurID token that allows two-factor authentication. Now both devices are available in a single token.
SanDisk, which makes USB flash drives, announced that its new secure Cruzer Enterprise flash drives will have the RSA SecurID token built in. Both elements will take advantage of SanDisk's CMC (Central Management & Control) server software that allows IT managers to provision and manage flash drives, according to Dror Todress, senior marketing manager for the enterprise division at SanDisk.
Converging Storage and Security
"We're converging our secure storage and two-factor authentication," Todress told us. "The main feature [of the Cruzer Enterprise drives] is central management, which basically controls the entire life cycle of the drives." That means everything from deploying the drives to recovering lost passwords, backing up data, and even remotely terminating the data on the drive if it's lost or stolen, he said.
CMC helps enterprises manage regulatory-compliance issues, Todress said, in part because it can delete data from a lost drive, and also because it can keep a full audit trail of filenames put on or taken off the flash drives. CMC can also prevent drives from being used with unauthorized PCs as well as restore or re-create lost drives.
SanDisk's Cruzer Enterprise drives offer another element of security: data can be encrypted with 246-bit AES encryption, protected by a user password. Users are forced during the setup process to create a complex password. Todress said that makes the drives resistant to brute-force attacks.
SecurID is a technology from RSA, the security division of EMC. SecurID tokens have a six-digit number that changes every 30 or 60 seconds. It has a built-in key (a "seed") that can be synchronized with a corresponding RSA SecurID server. Users typically need to enter a PIN and the number shown on the SecurID token at that moment as a way to securely authenticate to a server. The combination of something you have -- the token -- and something you know -- your PIN -- gives two-factor authentication. Some organizations opt not to use the PIN, deeming the device itself to be secure enough.
The partnership with SanDisk is a step forward in RSA's "ubiquitous authentication" idea, in which RSA's secure two-factor authentication would be built into devices such as flash drives, mobile phones, and PDAs. Interoperability between the devices is assured by the RSA Secured Partner Program, which includes a certification process to ensure complete interoperability.
The SanDisk Cruzer Enterprise drives will be available in one-, two-, four- and eight-gigabyte capacities. There is no word yet on how much the drives will cost.