Over these last few years, Kingston has come out with quite an important number of secure USB Flash drives, but few of these are more advanced than the Data Traveler 4000-M that we are taking a look at today.
The Data Traveler 4000-M is part of a new breed of secure USB drives that are not only FIPS (Federal Information Processing Standards) certified, but can also be managed remotely by a system administrator within the organization that deploys them.
In order to achieve this, Kingston joined forces with BlockMaster, a company specialized in developing server-based control software for such solutions.
In the case of the DT4000-M, this software is called SafeConsole and is what makes this secure Flash drive so special.
We will take a look at the software developed by BlockMaster a little bit later in our review, but for now it’s important to mention that SafeConsole brings three important assets to the Data Traveler 4000-M, namely centralized Flash drive management, centralized Flash drive security, as well as centralized tracking and reporting.
Of course all these are paired together with AES 256-bit hardware encryption, to make the data stored on the drives safe.
It goes without saying that all these features make the Data Traveler 4000-M exceptionally well suited for enterprise use, where the remote management and forensic capabilities of the Kingston drives will definitely come in handy. Aesthetics and Design
On the outside, the DT4000-M doesn’t seem any different from all the other USB Flash drives released in Kingston’s Data Traveler series, except for the black finish that makes it somewhat more professional looking.
However, the first impression can be a bit deceiving as Kingston
has actually put the DT4000-M through a series of modifications meant to make it more rugged.
We are not talking about a fully ruggedized USB Flash drive here, but about a device that can withstand a bit more abuse than other similar solutions, since it comes with a waterproof stainless steel case featuring a titanium coating.
The use of stainless steel in the construction of the DT4000-M makes its presence felt when the drive is picked up for the first time, as Kingston’s creation is significantly heavier than most of its other Data Traveler counterparts.
When talking about aesthetics, we also have to mention that Kingston offers DT4000-M buyers access to a so-called “COLOGO Program,” which allows them to customize the look of the drives to match their corporate identity. Specifications
Data Transfer Rates
• Up to 18MB/s read
• Up to 10MB/s write Operating Systems
• Windows 7
• Windows Vista (SP1, SP2)
• Windows XP (SP2, SP3) Dimensions
• 3.06" x 0.9" x 0.47" (77.9 mm x 22 mm x 12.05 mm) Available capacities
• 2GB, 4GB, 8GB, 16GB Compatibility
• Designed to USB 2.0 specifications Operating Temperatures
• 32°F to 140°F (0°C to 60°C) Storage Temperatures
• 4°F to 185°F (-20°C to 85°C) Durable and Waterproof
• DT4000-M is housed in a waterproof, aluminum casing Guarantee
• All drives are backed by a five-year warranty and free customer support
As previously mentioned, the DT4000-M Flash drive sports hardware
AES 256-bit encryption via an on-board engine which also includes a random number generator.
According to Kingston, this is used to generate the encryption key, which can be unlocked only by the user password.
In addition to AES 256-bits encryption, the DT4000-M also comes with FIPS 140-2 (Federal Information Processing Standards) certification, meaning that if someone tries to physically open the drive, the Kingston dongle will show evidence of tampering.
The rest of the features supported by the data Traveler 4000-M are provided by the SafeConsole remote administration software. Real Life Performance
When Kingston has designed the DT4000-M USB Flash drive, the company concentrated its efforts on making it as secure as possible, so we are going to take a good look at these features in this section of our review.
For starters, one should know that the real power of the Data Traveler comes from its console software, where administrators can do anything from setting policies for passwords and device use, to locking the device and audition the files that were installed on it.
The first step in the deployment of the DT4000-M is represented by the installation of the SafeConsole server software.
This BlockMaster-developed software can be installed on any Windows machine as long as it features 2GB of system memory, and is used to manage both policies and devices.
Once installed, the SafeConsole can be accessed by the administrator via a Web user interface, which is pretty easy to navigate and includes virtually all the options that a system administrator may need.
With the console deployed, the next step is to initialize the drive by running a special Kingston app that is placed on a separate partition and which pushes down the security policy based on the drive owner. The Console
The first screen you will see after logging in to SafeConsole is the Configuration Overview interface from which you can activate and configure any of the console’s features, via the Security Configurations, Usage Configurations and Device Administrator Tools tabs.
On the right side of the interface there is the organization structure pane, which, if it has been synchronized with an active directory, will reflect all the units of your organization.
Taking the three tabs one by one, the first one of these – Security Configurations – includes a series of secondary tabs that allow administrators to establish password policies (how many characters, letters, or special words are required), customize the message that appears when the drive is lost, or setup an inactivity lock.
A so-called “FileRestrictor” feature is also enclosed here and this allows administrators to block or filter some files depending on their extensions, while the “Authorized Autorun” option can be used to specify a series of commands to be automatically executed each time the drive is unlocked.
Moving to the Usage Configurations tab, it is here that we find the “Backup and Content Audit” feature that can automate incremental data backups and allows administrators to restore the contents of a drive or audit the information stored.
Other interesting options are found under the “Publisher – Content Distribution” tab, where the admin can share files in the organization’s network with DT4000-M owners, as well as under the “Easy Share” tab which enables users to share data with each other without letting anyone know the drive’s main secure password.
The “Remote Power Reset” and “ZoneBuilder” features are also found under the Usage Configurations tab.
The last of the three main tabs in the SafeConsole software is called Device Administrator Tools and just as its name implies, it is here where you will find a series of device and file audit options, specify the user settings of the device, such as the language, and enter a series of information about the device’s owner.
Overall, it’s hard to say that something is missing from the SafeConsole features list, which really is a testament to how powerful the DT4000-M actually is. Transfer Speed Performance
While transfer speed performance isn’t as important as in the case of regular Flash drives, we did put the Data Traveler 4000-M through a short series of tests to see how well it fares when having to work with large files.
The results achieved were actually really good for an USB 2.0 Flash drive with hardware AES-256 encryption, as the Kingston USB dongle was able to surpass 30MB/s in sequential read test scenarios.
Sequential read performance was also pretty good since the DT4000-M reached 13MB/s in these sort of testing scenarios.
Both of these values are higher than the figures mentioned by Kingston in the specifications for the Data Traveler 4000-M, which is definitely a nice thing to see. Conclusions
Kingston really managed to impress us with the Data Traveler 4000-M and its comprehensive array of remote administration capabilities. From strong password setup policies to data backup and content audit, the SafeConsole software has both everything a sysadmin wants and what users need.
The easy-to-use Web interface is also a plus, while the $62.00 (47.8 EUR) price tag of the entry-level 2GB model is definitely more than decent, when considering the advanced security features available to organizations.
Furthermore, adding just $12 more will double the capacity of the Flash drive to 4GB, which might not sound like a lot to some of you, but is certainly more than decent for the type of usage such devices are intended for.
The only downside that the DT4000-M has right now is its incompatibility with Linux or Mac OS X machines which forces users of these operating systems to rely on VMware in order to get their drive working.
If your organization runs Windows however, Kingston’s Data Traveler 4000-M is definitely one of the most secure USB Flash drives around. Pros:
- Extended remote management options
- AES hardware encryption
- Good value for money Cons:
- Only compatible with Windows PCs
- Somewhat difficult to setup