Secure Computing

Physical security for peripherals

Portable storage devices like small external hard disks, USB drives, or even iPods used for data storage are all very easy to lose, or to steal.

Tips for portable device security

  • Keep the drive on you at all times, ideally on your keychain if small enough, or something else you always have with you.
  • Make the drive hard to lose. Some flash drives come with neck straps or lanyards. Even if you don't wear the drive around your neck, the strap will make it more noticeable and harder to leave behind.
  • Never leave an external drive attached to a computer. Transfer your files, then immediately store the drive. Many drives are lost because their owners transferred a PowerPoint file for a presentation, then forgot the flash drive at the end of the talk.
  • Don't store older documents on an external drive. Bring only what you need in the immediate future, and archive older files to your desktop or laptop computer.
  • If you have PGP Whole Disk Encryption installed on your computer you can use PGP to encrypt most types of external hard drives and flash drives.

USB flash drives

USB flash drives (a.k.a. jumpdrive/thumbdrive) are very easy to lose or misplace. If the drive contains confidential data, a missing drive can be a serious data breach problem.

Approved hardware

The Yale Information Security Office has approved the Imation Enterprise D250 (Powered by IronKey) and Imation Basic D250 (Powered by IronKey) flash drives, USB devices that provide AES hardware encryption that meets FIPS 140–2 Level 3 requirements. The Imation Enterprise/Basic D250 may be used to safely store sensitive / 3-Lock data. It protects against keystroke-logging, brute force password attacks and physical attacks. Data traveling between your computer and the Imation Enterprise/Basic D250 USB device is also protected.

Imation Enterprise/Basic D250 flash drives work with:

  • Windows XP/Vista/7/8
  • Mac OS X 10.5 or later
  • Linux 2.6 or later (supported with limited functionality)

Imation encrypted storage products are available in various storage configuration sizes via the Yale Procurement Sciquest application.

External hard drives

The Yale Information Security Office recommends the Imation Defender H200 series of hard drives.  The Imation Defender H200 series of hard drives may be used to safely store sensitive / 3 Lock data. These devices provide AES 256 bit hardware encryption that meets FIPS 140–2 Level 3 requirements.  The Imation Defender H200 series of hard drives protects against keystroke-logging, brute force password attacks and physical attacks. Data traveling between your computer and  the Imation Stealth H200 USB device is also protected.

Approved hardware

The Yale Information Security Office has approved the Imation Defender H200 series of hard drives. The Imation Defender H200 can use two-factor (biometric and password) and also three-factor (biometric, password and device) authentication.

Imation Defender H200 series of hard drives work with:
  • Windows XP/Vista/7/8
  • Macintosh computers running Mac OS X 10.5 or later (running Intel Processors)
  • Linux computers running Linux 2.6 or later (supported with limited functionality).

Imation products are available in various storage configuration sizes via the Yale Procurement Sciquest application.

Cable locks for larger external storage devices like hard disks and CD-DVD drives

The easiest, least expensive solution to prevent theft of desktop equipment is a cable lock that loops through the case of your external hard disk.