We always care what people say about Rohos in their blogs and across forums. As a result we spent much time also surfing the web reading security news, talks about Rohos and other encryption products in many languages. This gives us important feedback about what people expect from data security products in order to protect sensitive information.
Here are the features of the most wanted data security tool for USB flash drives …
In addition to the basic features (hide some files or folders, password protection, encryption and password backup) the users expect to have the following options:
Hide the fact of existence of any protected information.
Most of all users do not want someone else to know there is secret information on their USB flash drive.
In our opinion “Hiding” information has several advantages above the encryption. If there is someone who watches you and your USB stick, he/she will actually never know that “sensitive data” existed, so it can be even a more secure way to protect it.
On the other hand, a password protected ZIP file, file-container from TrueCrypt volume or even a totally encrypted USB flash drive like IronKey, acts like a signal telling that you have important/corporate/confidential/illegal data that you want to keep in secret.
So the simplest question, in the first place is – why to let other people know you have sensitive data? If they know you have protected data they may: a) try to hack it with hack tools or b) force you (your boss may order) to open this data for inspection.
So privacy is an important thing as a data protection.
Hidden/encrypted files as a “partition of the flash drive”
Users want to have a Volume-like place where they could save and manage secured data. This should work like a Volume, where you can have files and folders. Ideally they want to work with these files in the applications like MS Office, Movie players, picture viewers etc.
Virtual volumes offered by TrueCrypt and Rohos Disk are the best choice, but they don’t work on guest PCs (without admin rights to install virtual disk driver).
ZIP, RAR files are a possible solution, but they could display file-names and folders even without password. There are many limitations like: you cannot protect big files, you cannot use applications. They could encrypt data to temp folder.
The only solution here is to use totally Encrypted Drives like IronKey or Rohos Disk Browser with file virtualization feature.
So the hidden/encrypted volume should work like a real Windows volume.
Portable launcher that prompts for the password
In most cases users also don’t want to advertise the Security Tool they used to protect their data. If you know what tool was used, most probably you can find out the fact of encrypted data existence and where it could be (for TC just search for an any X GB file).
The ideal Security Tool should be :
1) Portable, so you can run it from any palace to open access to the secret volume.
2) many are also expected to use functionality like – Create (new secret volume, or encrypt file\folder) and Manage (change password, repair files) it in a portable mode.
2) ‘skin-able’ application (some users even want to hide Security Tool itself under a regular app or file)
Here under ‘Portable’ most users expect this tool can work on any OS (Windows, Mac, Linux) and even without having Admin rights (suppose to work from Internet café or guest PC in a library).
Users want to be able to quickly lock and close the Encrypted Volume. Some paranoiac users also want to be able to destroy all sensitive data by a single click.
Users want to have a second password that opens ‘Another’ files (specially created beforehand). There are many situations where you cannot refuse to reveal your secret data (for example, due to your company order). In this case instead of entering a real password you can enter ‘Second’ password that will be accepted also.
This feature also called plausible deniability. It saves you from revealing your actual sensitive data and making to believe you have actually nothing important (illegal) in your protected volume.
So as we see now the plain USB flash drives are preferable portable media for keeping data among the users. Almost all users want to have :
- Open Device – non-encrypted USB flash drive or something without any password protection. They don’t want to show that they have any secrets inside.
- Ability to use hidden and protected (password + encryption) place inside the Open Device with 2 passwords that works like ordinary volume.