HighTech Finland › Information & Communications › All articles in this section   ›  Where are you taking that USB drive?

Mobility & Networking
Software & Systems
All articles in this section


Where are you taking that USB drive?

Lost or stolen removable storage devices, such as USB flash drives, can put companies and organisations at high risk in respect of undetected data leaks. As companies downsize, the temptation for disgruntled ex-employees to walk away with company data in their pockets is only growing. This is where Envault USB Storage Protection comes in. A unique software product, it can put a stop to costly data loss and outright theft.

Traditionally, companies have tried to stop data leaks using encryption. In the case of removable storage devices, however, encryption systems ultimately fall short, as they leave it up to employees to decide when and what data to encrypt. Anyone who knows the right passwords can still take the data anywhere with them, on a USB or other removable drive for example, even after leaving the company. Once the data is out the door, it is lost.

Using Envault technology, however, a company can choose who can access its data, and where and when. All data copied from a workstation to removable storage is automatically protected, without the need for any user action, passwords, or other user-based security decisions.

Works with any drive

A protected drive appears and functions as normal for everyone permitted access to it in a corporate network, but for outsiders its contents are unreadable. Even drives in the possession of employees leaving a company automatically become unreadable the moment their access is terminated.

File transactions are logged in real time, enabling a system administrator to see who is copying what data to what form of removable storage. A system administrator, or user, can also instantly block all access to any drive suspected of having been misplaced or used illegitimately, or destroy its contents, without having to establish a link to the drive itself – simply with one mouse click.

This is all achieved thanks to a tiny driver installed on workstations and a central management server, and complete compatibility with virtually all USB and FireWire drives.

Based on information removal

The original innovation behind this data protection method, known as ‘Envaulting’, was developed at VTT Technical Research Centre of Finland, drawing on the ideas formulated in Claude Shannon’s classic information theory. Envault Corporation was spun off to commercialise the technology and develop it with some of Finland’s best experts in cryptography.

The technology uses AES encryption and a random key, and then removes some of the entropy bits, storing them on a network server and leaving the remaining data on the storage device. The latter can only become meaningful and readable again when the missing information is reattached for users with authorised access. Unlike many other technologies, Envaulting allows corrupted and manipulated enciphered data to be detected.

Envault’s technology enables a company to ensure that any lost or stolen data storage devices are automatically neutralised.
> Harri Rautio
(Published in HighTech Finland 2009)