How a Flash Drive Could Be the Solution to Laptop Security
Sony announced this week that it plans to distribute movies and music on USB flash drives, as an alternative to DVDs and Blu-Ray disks. It's a novel idea, but one that raises a question: Why is Sony bothering with entertainment when it could be using flash drives to dramatically improve laptop data security?
On the one hand, the distribution of media on flash drives is a solution to a problem that does not exist. Nobody is clamoring for alternatives to disc- and online-media distribution.
On the other hand, laptop data security is the Mother of All problems for everyone with a laptop. Laptops can get stolen, damaged, lost, or breached, which sucks. Anybody that travels regularly on business has experienced one or more of these horrible events.
Right now, it's the responsibility for individuals or the companies they work for to cobble together security solutions which, at the end of the day, end up failing. The IT admins responsible for the contrivance of these kludges are primarily interested in protecting the companies' precious data. But what about the hapless road warrior? If his Laptop goes South halfway through a two-week road trip, he's toast. Sure, the data he had before he left is mostly recoverable in the best of circumstances. But what about that lost week of reports, e-mail, presentations and other data? What's he to do for the reamaining week?
There's got to be a better way. And, in fact, there is.
I believe that, like automobiles, every new laptop should come with two "keys" that are required in order to use the product. These laptop keys should be USB flash drives that perform the following functions:
1. Access control. Instead of an easily hackable password, the laptop should be protected by the existence of the specific keys. No key, no access. The beauty of a USB drive is that it can fit on a key chain or in a pocket. That way, if the whole laptop bag is lost or stolen en route, the access key won't go with it.
2. User ID. The USB keys should have fingerprint readers on them which the user must use to identify himself or herself. This is different than fingerprint readers on existing laptops, which don't provide additional security (they typically only add convenience, and don't replace password ID).
3. System restore. In the old days, PCs and laptops came with restore disks. Nowadays, that stuff is usually dropped on a partition on the system disk itself. By installing it on the USB key, the settings could be retained on the key, and the installation could happen with all user settings in place. It would also reduce mix-ups with restoring on a new system or a new drive, because it would definitely contain the OS and apps that were installed on the original drive.
4. Backup and recovery. The key should be set by default to do occasional full and frequent incremental backups of all user data. Because the key would be required in order to use the laptop, this backup drive would always be available to the backup system.
5. Key backup. By inserting the second laptop key in a second USB drive, the first drive could be mirrored periodically to the second, in case the first is lost. Both are encrypted, and both require a key provided by the laptop manufacturer in order to read the data.
I'm not sure if this system is ideal, but I do know the current "system" fails. Tools and technologies are scattered to the wind and hundreds or thousands of people lose vital data every day because nothing like this exists.
Sony makes Vaio laptops. Instead of dorking around with publicity stunt initiatives that put Hi-Def movies on flash drives, why don't they instead use those flash drives to solve the problem that everyone has: how to protect data on a laptop.
This article originally appeared as a blog posting on our sister site, Computerworld.com.