Saturday, February 26, 2022

DataLocker DL4FE Encrypted Drive

Founded in 2007, DataLocker has carved a substantial reputation as a purveyor of secure storage devices used by two-thirds of Fortune 100 companies.

Its devices range from flash drives to larger HDD and SSD based devices, and all are secured using AES 256-bit encryption.

One common feature of encrypted storage devices is that they require local software installations to enable unlocking, a necessity that introduces an extra point of potential insecurity.

One approach to this problem has involved using a Bluetooth connected phone as the unlocking interface, introducing new security issues.

The new DL4FE avoids software installations and Bluetooth phones by incorporating an unlocking interface directly on the device.

Was this the right direction to go, or is a touch screen just an alternative problem?

Price and availability

The DataLocker DL4FE comes in two varieties, SSD and HDD, with capacities of 500GB, 1TB and 2TB for HDD and 1TB, 2TB, 4TB, 7.6TB and 15.3TB on SSD.

We won’t list all the prices, but to get a flavour, the 1TB HDD model is £361.39 ($429), and the 1TB SSD is £527.17 ($679). And for those with bottomless pockets, the 15.3TB SSD option is an eye-watering £4643.22 ($5399).

That’s expensive when compared with the SecureData SecureDrive BT (also FIPS 140-2 Level 3 validated). It costs £190.21 for the 1TB HDD and £300.37 for the SSD of the same size, and its 16TB model is £2,936.91.

DataLocker DL4FE Encrypted Drive

(Image credit: DataLocker Inc.)

Design and features

The size of the DL4FE gives away that inside is a 2.5-inch hard drive or SSD, thickened by the addition of a 45 x 57 mm touch panel on the top.

Construction is a combination of aluminium and reinforced plastic, and the contents inside is undoubtedly being further protected with resin or similar.

Our review drive was the 1TB SSD model, weighing 262g without any associated USB cables. Included with the drive are two USB cables for Type-A and Type-C connection, and the drive has a single Type-C port on it.

Also in the box is a soft cover for the drive. It has a pouch on the front of it too small to hold even one cable, and the drive won’t fit in the pouch with a cable attached.

There are no instructions provided, although full documentation is available in PDF form from the DataLocker website.

When you first power the drive by connecting it to a computer, the input screen will become active and ask for a password. Forgetting this password would make it impossible to access the contents ever again, so creating one that you can remember is vital.

After this is defined, a connection can be made, and the drive can be formatted in whatever file system the user needs. The DL4FE works with Mac, PC and Linux systems, among others, as you can format the drive.

When you next connect the drive, the password will unlock it on the computer or other devices that it is attached.

If this all sounds remarkably simple for a secure encrypted drive, then you are right to a degree, but as with any piece of technology, the devil is in the detail.

DataLocker DL4FE Encrypted Drive

(Image credit: Mark Pickavance)

In use

Glossing over that the creator of the soft carry pouch never saw the USB cables, the first issue that most owners of the DL4FE will encounter is the touch screen.

Even in DataLocker promotional images, it is shown used with fingers, which is unrealistic for many. Each key top on the display keyboard is a fraction of the thickness of a typical adult finger, and the only user that could easily use this would be one under the age of 10.

Maybe using it with fingers is technically possible, but not with the Bratwurst scale digits of your reviewer it isn’t.

A better solution is to use either a soft tablet pointing device or, as we did, a propelling pencil with a rubber eraser on it to select keys more easily.

Using a stylus or similar object works so much better it begs the obvious question why DataLocker didn’t include one, or even housed one in the case?

The interface can be configured for four languages, English, French, German and Spanish, and it can also be configured for multiple users and have rules for password complexity defined.

Achieving FIPS 140-2 Level 3 Device certification requires reaching standards of security, cryptography and intrusion detection that should render the device almost impenetrable.

Having passed that certification and others, the DL4FE is considered highly secure, and it can’t be cracked by brute force password assault or invasive techniques.

DataLocker DL4FE Encrypted Drive

(Image credit: Mark Pickavance)

Amusingly it is possible, because the US military defined FIPS 140, to increase the password length to 64 characters.

Other than someone specially trained to recall complex random sequences, like the exact order of multiple packs of cards, would find recalling 64 random letters, numbers, and symbols in the correct order near impossible if it changed regularly.

DataLocker has implemented numerous special security features, like SilentKill, a special password that you give those torturing you to make the drive forever inaccessible and guarantee that they will then kill you in frustration.

For those that pay extra, DataLocker also offers a remote management console that can destroy the contents of the drive at range, scan the drive for malware, geofence where the drive can be accessed and relay all the activity on the unit.

For those in the business of secure data, there is something for everyone in this solution.

DataLocker DL4FE Encrypted Drive CrystalDiskMark 8.0.4

(Image credit: Mark Pickavance)

Performance

Benchmarks

Here’s how the DataLocker DL4FE performed in our suite of benchmark tests:

CrystalDiskMark 8.0.4: 268.68MBps (read); 260.63MBps (write)
ATTO:  255.49MBps (read, 256mb); 248.54MBps (write, 256mb)
AS SSD: 250.48MBps (seq read); 241.97MBps (seq write)
AJA: 250MBps (read); 243MBps (write)

Considering that the review model was an SSD variant and not an HDD, the speed of transfers was disappointing.

The drive capped out at well under 270MB/s for both reading and writing in our CrystalDiskMark tests and was even lower when challenged by AS SSD and ATTO.

It needs to be said that most drives that use hardware encryption suffer a performance penalty for those additional operations, but not to this extent.

Part of the problem here is that the USB interface used is only USB 3.2 Gen 1, previously known as USB 3.0. That has a maximum throughput of 5Gbit/s, which when converted to megabytes per second is about 625 MB/s.

But what we can reasonably guess about the DL4FE based on the SSD capacities on offer is that the internal drive is a SATA type and not NVMe, and therefore its SATA interface limitations are closer to 550MB/s.

How this ended up at half that speed is a mystery, but the DL4FE isn’t your friend if you have got a flight or a train to catch and need to copy plenty of data before leaving.

DataLocker DL4FE Encrypted Drive

(Image credit: DataLocker Inc.)

Final verdict

It’s hard to fault the security credentials of the DL4FE, and the ability to operate without adding software to the host system is a significant advantage.

Some of the features, like the Silentkill password, seem intended to appeal to those who think they’re intelligence services material, but these are the features that secure drive makers are including these days.

Considering the price, and that’s to be expected for any device that is described as ‘secure’, the DL4FE needs to come with a pouch that properly holds both cables in addition to the storage device. DataLocker should also either include a stylus, ideally on a lanyard so it can’t be misplaced, or use a phone screen that is large enough for finger selections to be easier.

By the standards of those who don’t need secure storage, the DL4FE might seem slow and excessively expensive. But it ticks all the right boxes for those controlling sensitive information.

0 comments:

Post a Comment

!!!!!!!!!!

Popular Posts

Categories

Blog Archive