iStorage IS-FL-DA-256-16 16GB datAshur 256-Bit USB Flash Drive

The Datashur is a recently released USB drive from iStorage. It comes in three storage sizes: 4, 8 and 16GB. Similar in concept to the USB hard drives from iStorage, these USB drives offer hardware encryption fully authenticated by a user-defined PIN which is entered directly via keys on the unit itself. In order to accommodate PIN entry, the device includes a rechargeable battery, which is charged automatically when inserted into a USB port.

The unit is small enough to sit alongside other devices plugged into adjacent USB ports but, in order to accommodate the need for a keypad, the device is longer that most other USB drives. I would certainly recommend using a short USB male/female cable to plug the device into your PC, just to ensure no damage is caused to it or your PC when in use. The other advantage of using a cable is that it allows PIN entry on the unit when the drive is already plugged into your PC.

Operation of the device is simplicity itself, though a little fiddly due to the necessarily compact size of the keypad. Keypad entry is reliable but the keys are small and have only a small amount of travel and would be difficult for someone with dexterity problems. The keys have clear legends and the inclusion of alphanumerics on the keypad (similar to a phone keypad) means you can use a more easily remembered alphanumeric PIN (rather than hard to remember numeric-only PINs on competing devices). The keys legends appear to be quite durable and unlikely to wear with use (a problem encountered by a few similar products).

Until you enter a PIN onto the device your computer will not recognise it as a disk drive, so your valuable data is completely protected. When you unplug the device or the USB port ceases to provide power, the unit will automatically lock and PIN re-entry will be required in order for the drive to become visible again. The PIN has to be 7-15 characters in length, giving billions of possible combinations. If an incorrect PIN is entered 10 times in succession, the encryption key and your disk contents are deleted - making it impervious to brute force attacks!

Entry of a PIN onto the unit itself completely ensures your valuable PIN cannot be captured by any malware on your computer; it also means that the device requires no authentication software, making it platform independent. During PIN creation and PIN entry, two status lights guide you and give acknowledgement of wrong or correct PIN entry. A third (rather bright) blue light shows when data is being transmitted from/to the drive.

Once entered, the PIN makes the disk's single partition entirely visible to the Host PC. So, paranoid users may want to use additional measures in order to protect individual files when connecting the drive to unknown host. One thing I would like to have seen on this drive is some degree of plausible deniability in the encryption system. For systems with on-board PIN authentication this could be achieved by the use of a second partition that is only visible upon entry of a second PIN.

The Datashur drive works with a Windows PC, Mac, Linux or any other system that has a USB port that can recognise USB drives formatted to FAT32 - even printers and embedded systems! You can, of course, format the drive to NTFS or other format available on your system, but at the expense of platform independence, so FAT32 is really recommended for most users.

On first insertion into a Windows PC, the necessary drivers are automatically downloaded from Microsoft update - this took just a matter of seconds for me; I am not sure what happens on other systems. No software is included with the unit because it does not need any. A full user manual is included on the drive and there is also a credit card-size durable instruction sheet to carry in your wallet.

The unit looks physically robust, though no claims are made as to its ability to withstand crushing or temperature extremes but the Datashur does have a certificate for water resistance. One thing I do like is the very secure metal cable for attaching to a keyring etc - unlike the flimsy 'string' seen on some competing products. Inside, the unit is physically protected from hackers by encasing everything in epoxy resin Should anyone attempt to open the unit then breaking open the epoxy resin should destroy the unit, so that your valuable data cannot be extracted by use of a microscope! When not in use, the entire unit is protected by a sturdy aluminium case.

The encryption used is top-notch military-grade AES 256 bit. The encryption key is not held in memory but in hashed form on the built-in cryptographic chip. This makes the encryption key virtually impervious to discovery or accidental deletion. It is simply not necessary to retain a copy of the encryption key on any other device (a weakness suffered by software-based systems).

The user can generate a new encryption key at any time but this will wipe the drive's contents - so be sure to backup first. Again, unlike some competing drives, a new encryption key can be generated on-the-fly any number of times; other, presumably less secure devices, have a limited number of encryption keys built-n during manufacture.

iStorage have applied for FIS 140-2 Level 3 certification for this product and expect to achieve this in March 2012. This is really the US Government's gold standard that encrypted drive manufacturers strive for. I think you can fully expect a 10-20% price rise when this occurs, so buy your Datashur encrypted USB drive now!

Great product. It does it all for you. No more mucking about with software. It just works. Not the cheapest of solutions but definitely the best!

Ordered this product as a gift.
It arrived quickly and was just as described.
Well packaged.
Expensive product for relatively small storage but the security is supposed to be excellent.