How to Protect Your DataLocker Against Thunderspy Attacks

Thunderspy allows for evil maid type attacks against a host computer. Evil maid attacks require physical access to the victim’s machine and usually enough time to do something conspicuous such as disassembly. A successful attack will give the intruder direct memory access to the machine which gives them the ability to compromise all local security controls of that computer. This includes removing restrictions on any currently unlocked encrypted drives. 

The most likely scenario would be to gain access to the system boot drive, even if full disk encryption like BitLocker is in use. This is a generic attack against the host computer, which then can be used to compromise anything trusted by said computer. For example, if you were signed into your bank website, this attack would allow an intruder access to your bank information. The same concept is true if you were currently connected to your unlocked DataLocker drive. 

Just like you should log out of your bank account, you should also lock your DataLocker drive when not in use. DataLocker has an inactivity autolock feature which is useful when you forget to log out before you walk away. Similar to how your bank logs you off after certain minutes of inactivity, so can your DataLocker drive. The DataLocker DL3 and Sentry K300 both have firmware level settings to lock after a set amount of inactivity, as well as all devices that are managed by SafeConsole. Our drives will also lock imminently if the host computer is put to sleep, which is the likely state a computer will be in during a Thunderspy attack. Once a DataLocker drive is locked and disconnected from a computer, then Thunderspy cannot directly target data on the encrypted drive. 

Thunderspy takes advantage of Thunderbolts advanced feature set using low-level physical access, it is only fitting it is defeated by a simplistic approach of disconnecting the drive when not in use. It’s these fundamental security concepts where DataLocker strives to secure your data. This attack shows that storing data on the boot drive, even if it is encrypted still poses potential security issues. You don’t unlock your safe every time you get home and you shouldn’t unlock the vault of your most important documents every time you turn on your computer. It is times like these that show simply isolating your data into different silos, such as putting the most sensitive data on dedicated hardware-encrypted drives allows easier separation from generic low-level attacks like this.

Remote Worker Software Toolkit from DataLocker – Stay Productive and Compliant

As many companies move to a remote teleworking environment there is increased concern about how to keep sensitive data at rest secure. What can be done to provide workers with secure and stable storage using DataLocker’s centrally managed software solutions? 

Encrypt local data allowing offline work if the Internet becomes temporarily clogged

SafeCrypt utilizes military-grade encryption and allows central IT to track stored data in its secure drives to quickly achieve compliance. SafeCrypt can be installed manually on any remote PC by the end-user or through regular central admin tools if the machine is under administrative control.

It is also possible to synchronize the locally encrypted data into any cloud service while still keeping company control over the encryption keys. This is extremely important and also allows failovers if one backup service goes down. 

SafeCrypt can also be used even if networks temporarily fail, as some leading journalists fear as there is a surge to online services. 

Lockdown USB ports, as machines are more likely exposed in unsafe environments 

Many organizations have a sense of security regarding USB usage when laptops are mainly used at the office. But sending all the laptops to homes, environments that are less safe, heightens the risk that company laptops are used for school work, sharing, and more. This might be alright, we need to share resources, but it is reasonable to ensure that not any USB drive can be plugged into the corporate machine as the risk of malware and data breaches is significant. Administrators will also be in a hard position trying to sanitize machines remotely if USB malware hits. The better option is to deploy PortBlocker to remotely control which USB devices can be used. PortBlocker can easily be installed and enrolled by the worker to the SafeConsole cloud or on-prem server. It can also be installed automatically if the admin has central control of the machines. 

Deployment of a SafeConsole SaaS trial with both SafeCrypt and PortBlocker can take as little as a few hours with the current workload for approving trials. The trial can then be turned into a production environment after licensing is complete.

As a leader in the field, DataLocker has a range of solutions that meet industry security standards. 

DataLocker strives to serve our community and our customers by contributing pieces to the remote IT puzzle that we have available. Also, check out our secure USB storage products that can be used as encrypted storage or as secure laptop alternatives.

The Laptop Alternative, the Thumbtop – Managed Secure USBs with Managed Apps

What if your “laptop” only weighed 9 grams, never broke down, and took 3 minutes to issue out? DataLocker’s managed, encrypted USB drives can be utilized as thumbtops: smaller, smarter, tougher, lighter, and cheaper than a laptop. They allow your organization to stay compliant, secure, and productive. Compared to online virtual environments and remote PCs, DataLocker USB drives work when the networks are choppy and intermittent. Thumbtops work online and offline. Many journalists fear that a surge of remote working people and at home, streaming children may cause a network overload. A solution that can handle offline work, makes sense.

Benefits of Thumbtops

  • Great cost saving compared to laptops, tie up less cash
  • Encrypted USB drives used as thumbtops offer cost savings in distribution and are easier to carry with you (a few grams vs. a sore shoulder)
  • Hardware encrypted thumbtops offer a high level of management control through SafeConsole with audit trails and remote password resets among other features
  • Deploy in minutes and setup scripts for downloads or install apps through SafeConsole
  • Thumbtops are perfect for secure and regulatory compliant work on guest/shared PCs
  • USB 3.0 and premium storage components offer a speedy experience
  • Secure USBs are extremely robust compared to laptops
    • Laptops have a general failure rate greater than 15% over two years 
    • DataLocker secure USB storage devices are far below 0.5% and they can even withstand dust and moisture
    • If the host PC breaks, your data is safe and accessible when you find a new host PC
  • Lower environmental impact (much less materials and rare earth metals used)
  • It is easy to recycle/reuse thumptops for new users – a secure USB can be remotely reset in 30 seconds and issued to a new user vs. many hours of work per laptop

Use Cases for Thumbtops

  • Remote workers can access corporate applications through approved apps and be allowed to securely store data offline when needed – for example when Internet is unavailable
  • Students and researchers, are provided their own environment and storage for work to secure access on shared PCs
  • Disaster recovery, during trying times, this is a cost-efficient way of enabling the workforce on any PC
  • System admin troubleshooting using different tools

Software to Deploy with Thumbtops 

  • For regular use, a suite of portable applications is available through PortableApps.com including: FireFox browser, Thunderbird email client to allow offline work, and OpenOffice Suite
  • For power users that require special operating systems and applications, Portable VirtualBox can be run on thumbtops – this popular virtualization environment made portable is perfect for developers, engineers, and consultants that require full control
  • DataLocker also offers two additional SafeConsole managed software agents that offer compliance and can complement thumbtops when possible.

The Sentry K300 Micro SSD

The next generation of security and convenience is here—and it’s called the Sentry K300! This micro SSD offers not just military-grade security with 256-bit encryption, but faster speeds for reading, writing, and transferring too.

All the requirements you need

It’s also the industry’s first platform-independent keypad micro SSD to incorporate an OLED display. That display can help you ensure that failed log-in attempts don’t lead to the automatic self-destruct—which occurs after 20 incorrect password attempts and protects your data from brute force attacks.

The Sentry K300 also features high-speed solid state SATA III memory, a rapid secure wipe option, read-only mode, and an alpha-numeric keypad to support advanced password requirements. It also boasts FIPS 197 and IP57 certifications, so you can rest assured that it will help keep you in compliance with regulatory standards.

Plus, the Sentry K300 was given one more important feature in 2019: the ability to be centrally managed by DataLocker’s flagship central management platform, SafeConsole. That allows administrators to manage all Sentry K300 devices, including password management, location monitoring, tracking file saving and deleting, and complete audit trails.

The best option for your data

We think this micro SSD is the best option for conveniently and securely storing and transferring your information. But you don’t have to take our word for it.

The Sentry K300 was awarded the Info Security Products Guide 2019 Global Excellence gold and bronze awards, recognizing the Sentry K300 for as both a new product and one of the most innovative security products of the year. And leading technology blog Gadget Explained recently offered a thorough review of it, appreciating its easy-to-use navigation and the usefulness of its display.

Data loss prevention is more important today than every before: make sure your data is always protected from unauthorized access with the hardware-encrypted Sentry K300.

Thanking Our Customers and Showing Our Appreciation

DataLocker is honored to provide exceptional products and services for our customers all year long, but there is no better time than the Thanksgiving season to reflect on how much you mean to us!

As we all prepare to wrap up another year, we want to take a moment to express our gratitude for your trust and partnership with us.

Where you live

We know the world is becoming smaller as more and more essential tasks are completed remotely and important information must be easily (and securely) shared across the globe. DataLocker customers are present on six continents, taking advantage of secure drives, device management, and remote capabilities literally worldwide.

DataLocker is proud to support you from our U.S. headquarters, as well as our offices in The Netherlands and Korea.

The work you do

We’re ready to protect your most important information, no matter the industry you serve. Our 256-bit military-grade encryption is the preferred choice for leaders in healthcare, legal, finance, energy, government, military agencies, and beyond.

We handle the technology (and ensure compliance with HIPAA, SOX, NRC, GLB, GDPR, and other directives) so DataLocker customers can rest assured that their sensitive data is secure.

What you have to say

We love hearing from DataLocker customers, especially when they’re letting us know how much they value the simple and secure solutions we provide.

“DataLocker is slick, easy to use, and reliable. And you can quote me!”
– Vint Cerf, Google

“The touchscreen is definitely slick, and this drive is worth considering if you need to move sensitive data between machines. The touch-screen controls on this drive look like a gimmick, but they make common tasks far easier. This drive fulfills one other important function: it supports Macs as well as PCs.”
– Andrew Brandt, PC Magazine

Thank you!

This Thanksgiving, what the DataLocker team is most thankful for is you!

Top Benefits of Encrypted External Hard Drives

Storing and transferring data is getting easier and easier. And while that can mean time savings and convenience for your team, it can also create security problems and put your data at risk.

Ease of use doesn’t necessarily mean secure, and that can be a big problem for protecting your organization’s information. That’s where encrypted external hard drives come in!


You may feel like data breaches, leaks, and disruptions are an inevitable part of doing business these days, given how often such security incidents are in the news, but that does not have to be your organization. By using the right tools from the beginning, you can ensure that your information is protected no matter what.

DataLocker’s encrypted external hard drives are designed with 256-bit military-grade encryption to secure your most valuable or sensitive data. Plus, our product line includes features like self-destruct security mode, rapid secure wipe, super-speed USB 3.0 interface, and more to meet your needs.


Corporations, military agencies, healthcare facilities, and organizations of all shapes and sizes are storing larger amounts of data for longer periods of time. In order to meet your business needs, comply with government and industry regulations, and protect your clients and customers, running out of space just isn’t an option.

External hard drives offer the space you need no matter how much capacity you require. With options that include up to 2 TB of storage, DataLocker’s line of encrypted external hard drives can get the job done.


The best thing about external hard drives for many people is their convenience. Durable, capable, and portable, encrypted external hard drives allow you and your team to manage your data without hassle.

But it’s not just your team who benefits. DataLocker’s external hard drives offer administrator access through our SafeConsole central management system, allowing administrative oversight of when, where, and how your devices are being used—and the ability to remotely reset passwords or wipe a drive’s contents.

DataLocker’s simply secure external hard drives offer a safe solution for portable storage of all your most important data, protecting sensitive information from loss or unauthorized access.

Learn more about DataLocker’s our encrypted storage and central management options, and then request an evaluation today.

How to Prevent a Security Breach

Security breaches can be a big problem: for your customers, for your investors, for your business. And as more and more business is done digitally (and more and more information shared via mobile and cloud-based devices), there is more risk for a security breach.

Preventing a security breach is best accomplished with a variety of tactics, and here are four of the top ways to protect your organization.

1. Secure Your Drives & Storage Devices

Using unsecured devices is one of the fastest ways to put your data at risk. Ensuring that your organization’s most sensitive information is always stored and shared via secured storage devices prevents data leaks, breaches, and thefts. Prioritize devices that have military-grade encryption and that can be managed remotely to put your mind at ease.

2. Set The Rules

Most organizations have requirements for creating (and regularly changing) strong passwords—but you can take it further. Creating file-type limits, geographic restrictions, automatic antivirus protection, and more are all possible with managed devices. These requirements and restrictions mean that you have complete control of who accesses what . . . and where.

3. Train Your Personnel

It’s true what they say: we don’t know what we don’t know. And since there has never been just one right way to handle data and transfer information, teams often have many different ideas of what constitutes best practices. Communicate your organization’s standards for storing and sharing data early and often.

4. Audit Your Data

While it’s important to set up your information processes correctly in the beginning, it’s even more important to continuously review and assess your data and usage. Regular audits can help you monitor what devices are being used, where devices are being used, and what files are being saved to or deleted from your managed devices.

Need some help securing your data or interested in central management for your devices? DataLocker is the leading provider of innovative military-grade 256-bit encryption. Give us a call or request an evaluation today!

Endpoint Management

Gone are the days when an organization’s data was accessed strictly on-site. The convenience of laptops, tablets, smartphones, flash drives, portable drives, and other mobile devices has opened up an entire world of possibilities and flexibility for how our teams operate. But it has also opened up new challenges and concerns for maintaining secure data, enter the need for secure endpoint management.

Do you have to sacrifice security in order to make data storage and data sharing convenient? The answer is no! Fortunately, data security standards have evolved right along with technological advances—which means that you can continue taking advantage of remote worksites and information access with confidence. So as team members are able to access systems, programs, and information in a decentralized environment, how can your leadership ensure that your data remains secure with more and more endpoints being used in your network? Enter, endpoint management.

What is endpoint management?

An endpoint management system can help you protect your data and your most important systems no matter where they are accessed. The great thing about flash drives, removable media storage, and other devices is that your team can easily and quickly share large files, sensitive data, proprietary information, and more—the things that you are unable (or unwilling) to share over public networks.

You can use a central management system to secure endpoints by setting requirements, monitoring activity, completing audits, and restricting access remotely. Those requirements and reporting are all managed by only those with administrator-level access to the system. Endpoint management gives you control over the devices that are outside your physical reach but are still being used to view, edit, and share the data you care about most.

How Is Endpoint Management Used?

There are plenty of features that make an endpoint management system the best way to secure endpoints across your network with ease, whether you are the end-user or an administrator overseeing the use of devices. Here are seven of the most important components that DataLocker incorporates into our security solutions for organizations of all sizes.

Password Protection

The first line of defense is usually a good password, but not all users will take this step on their own. Set a strong password policy that is required for all devices. Keep access to your endpoints limited to those with the right password—and define administrators who can support password resets when needed.

Hardware Encryption

Encryption ensures that all of your data on managed devices is unreadable to anyone who does not have the correct encryption key. With military-grade 256-bit encryption, devices are protected from brute-force attacks and attempts from unauthorized users to access the stored information.

Defined Restriction

Create restrictions on when or how devices can be used. Want your devices to only be accessible within certain geographic boundaries? Set a geofence to limit access to specific locations anywhere across the globe. Want to limit the types of files that can be stored on secured devices? Set a restriction to prevent the storage of unauthorized file types.

Tracked Connection

With an endpoint management system, you can track where your managed devices are being used, locate lost devices, kill stolen devices, push updates, allow password resets, set devices to read-only mode, and more. And all of this can be accomplished remotely, with no need to physically access the device in order to effectively manage it.

Virus Protection

Managed devices can have virus protection and anti-malware defense installed across the board. Confirm that all information stored across your organization is scanned for viruses, worms, trojan horses, and other issues—and set protocols to automatically remove any found threats. Your administrators can then review reporting on all scans and incidents to ensure maintained security.

Audit Creation

Generate detailed audits of your managed device inventory, including log-in statuses, failed unlocking attempts, and geolocation tracking. File auditing can help you see what files have been copied, deleted, or renamed on secured devices. These features support ongoing endpoint management as well as compliance requirements for various regulatory agencies.

Easy Implementation

Using a management system to secure endpoints means that your leadership team can set all the parameters and requirements and implement them throughout the network. There is no need for a lot of extensive training for team members or point-by-point applications. It is all controlled right at your fingertips.

How Can DataLocker Help?

DataLocker uses AES 256-bit encryption standards to build security solutions that serve its clients’ hardware, software, and management needs—and is constantly striving to remain on the cutting edge of industry best practices.

DataLocker’s portfolio of innovative products include encrypted hard drives and encrypted virtual drives to give your organization the storage space you need, encrypted USB flash drives and encrypted external hard drives that provide secure removable media storage and transfer, and central management solutions with an interface that is easy to use and capable of managing secured devices from anywhere in the world. These solutions are designed to keep your data secure from end to end.

Plus, our products are FIPS (Federal Information Processing Standards) validated and compliant with HIPAA (Health Insurance Portability and Accountability Act), SOX (Sarbanes-Oxley Act), DHS (Department of Homeland Security), NRC (Nuclear Regulatory Commission), GLB (Gramm-Leach-Bliley Act), and other regulatory directives. That is why DataLocker’s patented encryption technology is used by military and government agencies, Fortune 500 corporations, health care agencies, banking and financial institutions, and other organizations worldwide who prioritize keeping sensitive and proprietary information secured.

Your organization does not have to sacrifice security for convenience: invest in an endpoint management system that can protect your most important data from exposure and spare your team a public relations nightmare. Ready to learn how DataLocker can help you secure endpoints? Contact sales@datalocker.com to request a sample or click here to request an evaluation!

Importance of Secure Data

Your data deserves secure storage—and you deserve the confidence that comes with knowing your most important information is protected. But if you’re picturing a steel safe or a 75-character password, there are better options available for easily and reliably maintaining your secure data.

When handling sensitive data, it isn’t enough to simply lock it down to prevent anyone from getting to it. You and your team still need to be able to use it as needed! Cloud-based systems have made it possible to deliver simple 24/7 access to team members and stakeholders worldwide—but that level of convenience is hard to secure.

So how do you allow the right people to access the right data at the right time—without letting it become available to unauthorized parties in the meantime?

The importance of security

Without proper protection, you can put your organization’s data at risk for exposure, theft, leaks, and corruption. Keeping your data secure is essential to prevent it from falling into the wrong hands, whether as a result of a malicious attack or through accidents caused by simple human error.

Today’s news cycles are often dominated by data breaches and hacks—episodes that leave affected organizations scrambling to mitigate not only the incident itself but also a public relations headache. You have better things to do than checking and double-checking your data security.

A better way

As today’s technology standards and security best practices continue to evolve, DataLocker is creating cutting-edge solutions to reflect them. We are the leading provider of encryption services and we know that solutions for secure data go beyond your hardware and data storage devices. In today’s world, being able to store, transfer, and access data locally, on the web, and on portable storage devices is essential to organizations across all industries.

Our SafeCrypt storage solution is a virtual drive that provides military-grade 256-bit encryption for data whether it’s in the cloud, on an external drive, or on a local drive. Plus, it’s FIPS 140-2 validated and compliant with HIPPA, SOX, DHS, NRC, GLB, and other regulatory directives.

Learn more about DataLocker’s suite of data encryption storage solutions or request an evaluation today.

Drive Security

The ability to safely transport and store data, in most organizations, is just as important as the data itself. But many agencies, companies, and other establishments simply do not put as much thought into their drive security as they do into the information they are storing there—and that’s a mistake. Securing your drives is critical to ensuring all of your most vital data is properly protected no matter what it is or where it goes.

And though keeping your drives secure is of vital importance, it doesn’t have to be hard. In fact, DataLocker can actually make it easy.

Why drive security is essential

Data breaches, leaks, and disruptions are a regular part of the news cycle these days. But just because they are common doesn’t make them any less painful. And they don’t just cause public relations problems—including both embarrassment and a loss of trust with clients, customers, or public—because a data incident can put more than your image at risk.

Your most valuable data can be hacked, copied, stolen, deleted, or otherwise disrupted, leaving military planning, patient data, financial transactions, government plans, and more vulnerable and accessible to unauthorized parties. In some cases, these incidents are caused by individuals or groups who are deliberately seeking to hack the system for personal gain or malicious purposes. But sometimes security breaches happen simply because of forgetfulness, laziness, or oversight. Data security is subject to human error too.

And that is why keeping the drives where you store and transfer that data secure prevents loss, theft, or disruption. Maintaining your drives with encryption and other security measures means you and your leadership team can rest easy knowing that your organization’s info is safe.

How drive security works

Do not rely on a simple password, which can be guessed or hacked, or on physical locks and protection, which can be broken or breached. Data encryption scrambles your organization’s information right at the source, encoding your information and making it unreadable to any unauthorized users who receive it.

Only authorized users can access the information by using a password or encryption key, which allows them to encrypt the data that has been stored on your hard drive, remote storage, or other information storage platform. This gives you and your leadership team the control to decide when data can be retrieved, where it can be retrieved, and who can retrieve it.

DataLocker uses 256-bit encryption standards, which is why DataLocker’s encryption technology is used by government and military agencies, legal institutions, the healthcare industry, financial institutions, and Fortune 500 companies. These organizations expect a high level of data security and our products deliver it.

We use military-grade security standards to build innovative products that serve our clients’ hardware, software, and management needs—allowing them to store, share, and secure all of their most important information. As a matter of fact, DataLocker owns more than a dozen patents for the data encryption technology we use. We also recognize that technology is changing and improving almost constantly, so we strive to remain on the cutting edge of industry best practices with nearly a dozen patent applications currently awaiting approval. DataLocker stays on top of advances in encryption to bring our customers the best security solutions of the day.

Secure drive options

And how does that technology work for you exactly? DataLocker offers a portfolio of innovative products that leverage our state-of-the-art encryption. Our encrypted hard drives and encrypted virtual drives provide the storage space you need no matter the size of your organization. And when you need to be able to safely and securely transfer your data, our encrypted USB and flash drives and encrypted external hard drives provide a secure solution for removable media storage.

Whether you are looking for the super speed of a USB 3.0 interface, solid state drive (SSD) options, FIPS (Federal Information Processing Standard) certification, or other features, our line of secure and encrypted drives are designed to meet diverse needs for our clients. We also want to make it possible to easily and securely manage your encrypted drives from anywhere in the world—which is exactly what our central management solutions and its easy-to-use interface can do.

Each of these products can help you and your business secure customer data, patient histories, business plans, financial transactions, employee information, sensitive communication, and more. Securing your drives is critical and that is why our secure drives are used by some of the largest and most security-minded agencies and organizations in the world.

Drive security best practices

Like any data usage processes, there are plenty of best practices to keep in mind to maintain security. Fortunately, DataLocker makes it easy to keep you and your team in compliance without a whole bunch of extra training or added complications.

Encryption means you don’t have to worry about weak or outdated passwords. Our USB drives, flash drives, hard drives, and external drives are all built so you don’t have to install or configure any software. Not to mention, we include the option to automatically scan your data for viruses, worms, trojan horses, and other malware threats right from your drives—even automatically removing any viruses found and sending reporting on the virus incident to your central management console. It is features like these that keep your data safe without you having to lift a finger.

DataLocker offers best-in-class data security solutions for companies and organizations large and small. We are dedicated to protecting your data from breaches, leaks, and mistakes by securing your drives with encryption services.

Do not leave your organization open to exposure or a public relations nightmare. Make securing your drives a priority. Ready to learn how DataLocker can support your organization through simply secure data encryption? Contact sales@datalocker.com to request a sample or click here to request an evaluation!