The Stick is an encrypted USB-C flash drive in a robust metal housing, the most modern in its segment
It enables the storage, safekeeping and secure transfer of sensitive commercial and private data for public authorities and companies in compliance with GDPR regulations.
The Stick is approved by the Federal Bureau of Information Security (BSI) for government classified information up to NATO Restricted and EU Restricted.
The confidentiality of the data stored on the Stick is protected against unauthorized access, for example in case of loss or theft of the medium, as well as in case of various types of attack.
While the Stick is not connected to a computer or an external power source (eg USB or USB hub), it will remain in sleep mode and all keys will be disabled.
Stick guarantees data confidentiality using the following security mechanisms:
- Access control
- Cryptographic Key Management
- User management
The encryption module integrated into the security case ensures complete encryption of the Stick. Each stored byte and each written sector on the storage device is encrypted in XTS mode using two cryptographic keys according to 256-bit AES (Advanced Encryption Standard). The Stick also encrypts temporary data and areas that are often ignored by conventional encryption software.
User authentication is based on the “have and know” principle
- To gain access to the data, the user must have a smart card and know the correct PIN
- If the allowed number of incorrect PIN entries is exceeded, the smart card is deactivated and no longer usable
- Cryptographic keys are also permanently erased
Cryptographic Key Management
The user can generate, change or destroy cryptographic keys at any time. This process is irreversible. Once new cryptographic keys are generated, the old cryptographic keys and thus all data stored on the data carrier are irretrievably destroyed. Therefore, any information stored on the Stick should first be stored on another encrypted data carrier if necessary .
Two 256-bit encryption keys for data encryption and decryption are generated by a hardware random number generator and stored in memory. If the user’s PIN is entered correctly, it is transmitted to the Stick encryption module for data encryption and decryption.
|Capacity||USB KSV – 32GB, USB KSV – 64GB, USB KSV – 128GB, USB KSV – 256GB, USB KSV – 512GB|
|Encryption algorithm||AES-256 in XTS mode|
|Interface||USB 3.0, USB 2.0|
|Authentication||PIN code + Smart card|
|Resistance to Brute-Force||YES – if you enter multiple incorrect attempts to guess the PIN, the entire disk will be automatically formatted|
|Can be used to boot another OS?||YES|
|Transmission speed||Up to 120 MB/s, Actual read and write speed depends on selected memory size, memory type, connected USB and host system|
|Warranty||2 years for the consumer, 1 year for the company|