Over the years, we’ve covered many encrypted USB dongles on Help Net Security. All of them provide high security for your data, encrypted and stored on the dongle itself. Today I’m taking a look at GuardKey, which provides a different take on private data encryption.
Essentially, GuardKey is a digital key to your data. When you connect it to your computer, hidden data folders, dubbed safeboxes, will appear, and you can work with the files residing in them. Unplug the key, and the folders disappear. There are a couple of extra functions built in, and they will be covered in this review.
Digital safeboxes
When plugging this $59.99 (current price on Amazon.com) device for the first time, you set a master password and it’s ready for use. The USB stick itself has around 8GB of storage, so you can store data on it as well, but the main idea is to create safeboxes on the desktop computer.
GuardKey works on Microsoft Windows 7 and later, with OS X support announced for the near future. Its interface is simple and rudimentary, but works well for managing and accessing secure folders.
When creating new safeboxes, there is one simple rule – you can create one per partition. When a safebox is created, you can choose whether it will be automatically opened when GuardKey is plugged in, or whether you want to open in manually using the application.
While the data is encrypted using 256-bit AES, the hidden safebox folders will contain files with readable names by default. I advise going into setup mode and enabling the option to automaticaly encrypt the file names as well.
Even though you set up a master password, it is not needed in order to decrypt data. After plugging in the GuardKey into your computer, you will be automatically granted access to the files. You can manage this liability by going into the setup mode and manually enabling the option to make password input obligatory.
When I inquired about this, I was told that the idea behind Guardkey was to provide something like a physical door key – when the key is plugged in, the data is visible, and if its unplugged, the data is hidden.
But, when you think about it, the concept of a door key being the only mechanism for protecting your valuables inside a house is obsolete. Nowadays we use alarm systems, guard dogs, personal safe boxes, etc.
Password authentication should be a default option for a security product like GuardKey.
Besides on a couple of test computers, I’ve used GuardKey inside VirtualBox as well. Nothing special to add here, but I just wanted to mention that if you come across issues with initializing GuardKey in VirtualBox, you’ll probably fix the situation by installing the VM VirtualBox Extension Pack.
Secure cloud data
Creating and using a cloud safebox is practically the same as starting the regular safebox, the only difference is that the cloud one will be automatically synced to the service you use. The only prerequisite is that you have the cloud service software installed on your box. Currently GuardKey supports Dropbox, Google Drive, Microsoft OneDrive, ASUS WebStorage and SugarSync.
Pairing with a mobile device
By using a QR code, GuardKey can be paired with a Viewer app on a mobile device. This is needed for accessing encrypted cloud data from within the mobile application, but it is used for something else as well. You can use your mobile device as a backup variant (your personal backdoor?) to decrypt your private data on the desktop computer even when you misplace or lose the GuardKey dongle. This might seem like a good option from the usability perspective, but it’s a security issue. As its desktop version, opening the mobile GuardKey Viewer application doesn’t require a password, so anyone with brief access to your phone and computer could easily access your data.
GuardKey Viewer app
The GuardKey Viewer application is available for iOS, Android and Windows Mobile devices. As seen from the product homepage, marketing and tech documents, it is an equal part of the GuardKey experience extending the USB dongle’s functionality. The mobile application can be used for various actions, including being a backup option for opening desktop based safeboxes, acting as a reader of encrypted cloud based data, and uploading encrypted photos to the cloud.
I’ve used the latest iOS version of the software, published to the App Store in early February 2016. I needed to double check whether this was the latest version, as the application looked outdated. I don’t have a designer’ eye, but the issue with the GuardKey Viewer application is that it seems its GUI was optimized for the iPhones available back in December 2013 when the application first appeared in the App Store. The icons and the text are too large, and some graphical elements are missing. To make things worse, the problems with the mobile app extend to a myriad of spelling errors, but also to core functionality.
For the purporse of this review I was using the Box cloud service. After installing it on my iPhone, I made sure it was GuardKey ready – I created a cloud Safebox via the desktop computer. When I tried uploading photos to it, the Photos screen inside GuardKey Viewer stated just the following – Uaauthorized (Dropbox). I’ve gone through all the settings, to see whether Dropbox is labeled as the default location for photo uploads, but this wasn’t the case. I don’t even use Dropbox and therefore couldn’t even connect it with GuardKey. I was curious, so I opened a Dropbox account and when I gave access to it through GuardKey Viewer, the photo upload worked. So, it’s safe to assume that, in reality, the mobile application doesn’t work with all the cloud storage services GuardKey supports.
Through the desktop computer I’ve synced several files that were automatically encrypted and tried to open them in the Box iOS app. Naturally, the app couldn’t open them, but when I clicked on the “Open in” button, GuardKey Viewer was presented as an option, and it worked. FYI, the actual file you’re accessing is copied into a temporary folder inside GuardKey Viewer from which it can be opened.
Documentation
The GuardKey homepage provides a 44 page manual in which you’ll find practically all of the information you’ll need on using the product. There are also videos on GuardKey usage uploaded to YouTube and embedded on the product homepage, so check them out if you want to see the product in action. The web site also has an F&Q section, which I presume is misspelled combination of Q&A and FAQ. This section is empty and doesn’t provide any information. The cloud storage part of the GuardKey Viewer mobile app contains some helpful tips on using each of the supported cloud service providers in conjunction with GuardKey.
Closing remarks
While trying to toe the fine line between mainstream usability and a decent level of security, GuardKey presents some hits and misses. The product offers some interesting functionality such as encrypted cloud data and hidden private safeboxes, but fails with a sub par iOS application that looks unprofessional, and provides only borderline usability. GuardKey has good technology under the hood, but the developers have to work on polishing the presentation and the focus of the product.
from Help Net Security http://ift.tt/29nyhn5
0 comments:
Post a Comment