An interesting new range of secure SSD drives has come to our attention. The Autothysis self encrypting SSD drives are made and branded by SecureDrives in the UK. However these devices levy a much more extensive range of data storage protection techniques beyond 256-bit AES CBC hardware level encryption. SecureDrives Autothysis SSDs have the headlining ability to physically self destruct should a special code word be texted to them.
As an SSD drive these Autothesis drives are rather lack lustre in specifications and performance. They are in the popular 2.5-inch form factor but rather fat at 9.5mm thick. The SATA 3 and microUSB 3.0 port equipped drive utilises Micron 20nm NAND flash and offers key performance stats as follows:
- Sustained Sequential Read: up to 127 MB/s
- Sustained Sequential Writes: up to 120 MB/s
- Random 4 KB Reads: Up to 20,000 IOPS
- Random 4 KB Writes: Up to 20,000 IOPS
However when you come to the security specifications things get more interesting. Starting with the built in AES SED capability users get 256-bit AES CBC hardware level encryption and computer independent 2 factor authentication via a separate Token. "The encryption engine is FIPS 140-2 level 3 certified," says SecureDrives.
World's first remote destruction drive
Thanks to the GSM connectivity and other hardware in these drives they are the first to offer "the capability of physical data destruction on demand". Both the NAND and the controller are said to be destroyed beyond recovery if this action is triggered. As well as sending a self destruct message via text there are a number of other safeguards in place - such as self destruction should the GSM signal be blocked for a number of hours. I've reproduced a list of possible data destruction triggers below:
- Via SMS 'kill message' (user defined)
- Starvation of the GSM signal
- Anti-tamper Case
- Tap-to-destroy function in the Token
- Low battery level
- Removing the Drive from a PC
- PIN code retries being exceeded
The above triggers can be set and configured using a data access token (pictured next to the drive below), up to three can be configured for one drive. The 'Tap-to-destroy' function is particularly interesting as a 'movement signature' can be programmed to initiate data destruction.
The disks are obviously targeted at individuals, businesses and agencies with very stringent security requirements. The price of the Autothysis drives are around the £1000 mark, that includes the first year's GSM subscription which will cost you £29 p.a. thereafter. Looking over the website the drives appear not to be available as yet - though it says they should be available by the second quarter of 2014. Elsewhere there is a worrying lack of finishing to the Securedrives website with some product links from the home page, for example, broken.