IronKey Adds Remote Wipe Feature for USB Drives

A new service called Silver Bullet from encrypted thumb-drive vendor IronKey will let administrators wipe out or lock the data on USB sticks in the field.

Silver Bullet is a Web-based service that will be offered as a subscription add-on to IronKey's USB device management software, said David Jevans, IronKey's CEO.

An IronKey USB (Universal Serial Bus) stick uses the Advanced Encryption Standard (AES) to securely store data, which is used by the U.S. government for sensitive material. Nonetheless, some customers have requested more features in order to destroy data, Jevans said.

The IronKey is unlocked when a user enters their password, but some users will write down their password and keep it, for example, in their briefcase along with their IronKey, Jevans said. The practice undermines the device's security, but it's an example of the risk that users pose to data security.

To counter that situation, the Silver Bullet service will let administrators send a command to the IronKey when its inserted into a PC that is connected to the Internet that tells its flash memory hardware controller to wipe the data.

Alternatively, Silver Bullet will also let administrators simply lock the data on an IronKey. If an employee loses an IronKey but later finds it, the device can be unlocked, Jevans said. Another scenario where the lock feature is useful is if a company believes one of its employees is carry objectionable material and wants to preserve the data for analysis.

Silver Bullet can also transmit to a central administration console the IP (Internet Protocol) address of a computer in which an IronKey is being used. IronKey is also working on other tracking-related features that could be rolled out by the end of year.

IronKey eventually wants to enable its devices to report a computer's MAC (Media Access Control) address, a unique number linked to a PC's hardware. By collecting a PC's MAC and IP addresses, other administrative controls can be introduced, Jevans said.

For example, IronKeys could be configured to only work on specific types of PCs, such as those designated to handle top-secret information, Jevans said.

IronKey is also working on an administrator feature that would show a map indicating where an organization's IronKeys are being used in the world, Jevans said.

Silver Bullet will start at US$24 per user per year in the U.S. However, volume discounts are available, Jevans said.

Subscribe to the Security Watch Newsletter

Comments