Personal Portable Security Devices Are Pocket-Sized, All-In-One Security Devices Ready For Prime Time?

Key Points • Personal portable security devices integrate cryptographically strong user authentication, such as OTPs (one-time passwords) and public key certificates with ample hardware-encrypted flash storage, all housed in a compact USB device. • The functional integration enables new usage models for secure mobile computing, such as standalone portable applications, browsers, or complete desktop environments. • PPSDs are a relatively new and evolving technology that suffers from hardware costs substantially higher than those of point products, such as encrypted storage or OTP tokens, complex deployment processes, and necessary additional management software.

USB thumb drives have become the sneakernet’s backbone, the result of plummeting prices and burgeoning capacities for flash memory. These tiny wonders are spacious enough to store an OS installation with room to spare for user data; however, they are also inherently insecure. Although vendors have addressed this shortcoming with drives incorporating hardware encryption chips, these haven’t yet achieved mass acceptance. Small USB devices have also become a common vehicle for delivering secure, two-factor user authentication.

Wouldn’t it be nice if secure storage and authentication features were combined into a compact Swiss Army knife of security? A relatively new class of products, PPSDs (personal portable security devices) “combine the flash storage of universal serial bus thumb drives with the access control and secure storage capabilities of the smart card,” says Burton Group Senior Analyst Mark Diodati. “PPSDs leverage the USB form factor, use hardware cryptographic processing to provide smart card and one-time password device services, have secure storage capabilities, and reside in a tamper-resistant container.”

The real security magic comes from the synergistic integration of the two sets of capabilities; for example, users cannot access the flash memory without first providing strong authentication. Diodati adds, “The PPSD overcomes two issue— the limited storage capability of smart cards and the relative insecurity of USB flash drives. Larry Hamid, CTO of MXI Security, says the combination allows “a device that serves multiple security functions.”