Description

The ultimate in secure USB flash drive technology

 

Key Features:

 

Our highest capacity

PIN authenticated, hardware encrypted USB flash drive with capacities up to 512GB.

OS & platform independent

With no software required. Cross-platform compatible with: MS Windows, macOS, Linux, Android, Chrome, Thin Clients, Zero Clients, Embedded Systems, Citrix, VMware, DVRs, Medical Equipment, Printers, Scanners, and CCTV. In fact, it will work on any device with a USB port!

Government validations

FIPS 140-2 Level 3 certified

FIPS 140-2 Level 3 certified Tamper proof & evident design

All critical components are covered by a layer of super tough epoxy resin, which is virtually impossible to remove without causing permanent damage to the critical components. If breached, the tamper-evident design of the datAshur PRO2 will provide visible evidence that tampering has occurred.

Superspeed USB 3.2

Backwards compatible with older USB ports.

Inactivity Auto-lock

Configurable to lock after a predetermined period of inactivity.  datAshur PRO2 also automatically locks when unplugged from the host device or when power to the USB port is turned off.

Immune to Bad USB

Both the USB Cryptochip and Secure Microprocessor incorporate digitally-signed flash lock mechanisms making the datAshur PRO2 immune to Bad USB.

Read-only (write-protect) – Dual Mode

Both Admin and User can configure the datAshur PRO2 as a read-only (write-protect) device. If configured by the Admin, the device cannot be modified or disabled by the User allowing the Admin to pre-provision a device with pre-loaded content as read-only for the User.

User PIN enrolment

Admin can set a restriction policy for the User PIN. This includes setting the minimum length of the PIN, as well as requiring the input of one or more ‘Special Characters’ if needed.

On-device Crypto-chip

Offering 100% real-time military grade AES-XTS 256-bit Hardware Encryption with FIPS PUB 197 validated encryption algorithm.

Incorporates a Common Criteria EAL5+ (Hardware Certified) secure microprocessor

• Offers ultimate security against hackers, detecting and responding to tampering with features such as:
  Dedicated hardware for protection against SPA/DPA/SEMA, DEMA attacks
• Advanced protection against physical attacks, including Active Shield, Enhance Protection Object, CStack checker, Slope Detector and Parity Errors
• Environmental Protection Systems protecting against voltage monitor, frequency monitor, temperature monitor and light protection
• Secure Memory Management/Access Protection

IP68 certified

Dust and water-resistant. Includes hard anodized and ruggedised extruded aluminium protective sleeve.

Polymer-coated, wear-resistant on-board alphanumeric keypad

The datAshur PRO2 is authenticated (unlocked) and all functions are performed using the onboard keypad with zero host involvement, the device is not vulnerable to key-loggers and/or brute force attacks.

The datAshur PRO2 keypad is coated with a layer of wear-resistant polymer for added protection.

User & Admin PIN authenticated

Supports independent User and Admin PINs

Bootable feature

Install an OS on the datAshur PRO2 and boot directly from it.

Lock override mode

Ideal in certain cases where the datAshur PRO2 needs to remain unlocked through USB port re-enumeration, such as during a reboot process or passing the device through a virtual machine.

One-time User recovery PIN

Admin configurable, extremely useful in situations where a User has forgotten their PIN, allowing the User to unlock the device and set a new User PIN.

Self-destruct feature

Pre-program the datAshur PRO2 with a self-destruct PIN, once entered, the encrypted encryption key and all PINs are deleted and all data is rendered as lost forever.

Whitelisting on networks

Configured with a unique VID/PID and internal/external serial number with barcode, allowing easy integration into standard end-point management software (white-listing), to meet internal corporate requirements.

Customisation services available

Offering an in-house PIN configuration and laser-etching service whereby the datAshur PRO2 sleeve or side of the device can be customised with your name, company name and/or logo, web/email address, and phone number.

Brute force hack defence mechanism

If the User PIN is entered incorrectly 10 consecutive times, the User PIN will be deleted and the drive can only be accessed by entering the Admin PIN to reset the User PIN. (Admin can change this from the default 10 incorrect PIN entries to 1-9, for the User only).

If the Admin PIN is entered incorrectly 10 consecutive times, all PINs and the encrypted encryption key will be lost forever.

Device reset feature

Deletes the encrypted encryption key, and all PINs and renders all data lost forever. The device can then be redeployed which randomly generates a new encrypted encryption key, a process that can be repeated as many times as required.