With the continuing decline in cost of flash drives (also known as “thumb drives”), your users are increasingly likely to be copying ever more corporate data to these convenient, easily lost devices. How are you ensuring that confidential data on these little drives are safe from prying eyes? And if you store critical information, how can you ensure that the data are not modified without authorization?

One solution to this problem that I have been working with for several months now is an interesting combination of biometric authentication technology and electronic mass storage.

The ClipDrive Bio series from Memory Experts International  provides USB 2.0-equipped flash drives in capacities of 64M bytes, 128M bytes, 256M bytes, 512M bytes, 1G byte, 2G bytes and 4G bytes; each has a fingerprint reader integrated into the case. The drives can be partitioned into secure (AES-encrypted) and public (unencrypted) sections in any proportion; the locking/unlocking software allows users to enroll up to five users with the recommended two fingers per user (in case a finger is damaged).

When you plug the ClipDrive into a USB socket, the public partition registers immediately. In my case, 100M bytes suffice for the public partition, which also contains a copy of the locking/unlocking software so that I can install that program onto another computer if necessary to unlock the secured partition.

I use the public section of my 1G-byte drive to collect homework from my students in the database lab - much faster than asking for diskettes or CDs. I use the secured partition for everything else, including backups of student grade books, consulting reports, internal memoranda, e-mail repository and so on.

I sometimes transfer all of the day’s work on my university-office computer by creating a backup of the modified files on the ClipDrive and then synchronizing from the backup onto my home-office computer at night. Then in the morning I reverse the process and bring changes back to the university on the ClipDrive. It’s mildly less nuisance than carrying a laptop computer back and forth (although in a later article I’ll be telling you about some interesting alternatives for securely synchronizing systems via the Internet).

The locking/unlocking software features an image of the fingerprint reader that shows what it is seeing - very useful in case the reader becomes dirty. The software usually recognizes my fingerprint right away even though I have terrible fingerprints due to ectodermal dysplasia that makes my skin very thin and the fingerprints extremely shallow (my friends joke that I should have become a bank robber). Sometimes I find that I need to move my finger slightly to register properly, but it rarely takes more than a few seconds to open access to the secured partition.

M. E. Kabay, PhD, CISSP-ISSMP, is Program Director of the Master of Science in Information Assurance program at Norwich University.