Apricorn Aegis Bio USB 3.0 Review

by Reads (11,880)
  • Editor's Rating

    Ratings Breakdown (1-10)

      • Design
      • 9
      • Features
      • 8
      • Performance
      • 10
      • Total Score:
      • 9.00
      • Rating 1 to 10, top score 10
  • Pros

    • Real-time 256-bit AES/XTS hardware encryption
    • Works with Windows, Mac, and Linux
    • No special software needed
    • USB 3.0 fast data transfer
    • Integrated cable
  • Cons

    • Five print registration limit
    • No way to erase or replace a stored print without reformatting drive
    • No administrative software: If hardware fails, data is unrecoverable
    • Integrated cable

If you’re looking for a simple way to store your files using biometric security then Apricorn’s Aegis Bio 3.0 portable hard drive looks like an ideal solution. It applies both fingerprint biometric access and hardware encryption to an external USB hard drive that automatically keeps your data safe.

It seems as if every time you look at the news, someone has hacked a site, or breached security at a corporation. In some cases, people have lost or had stolen laptops with sensitive or even Top Secret data. In a world where information has become one of the most important resources, security and vulnerability have become even more important.

Addressing this issue is seldom simple, and there’s always a compromise that has to be made between ease-of-access and enhanced security.

One solution is to simply store secure information in the cloud and download it when you need to access or work with it. That puts the data somewhere other than on the physical laptop, but requires that you have cloud access when you want or need to access the secure information. And, if the files are large, can be frustratingly slow even with 4G broadband.

Another solution is biometric access. Fingerprint readers and even facial recognition in lieu of a password is exceedingly common these days. This approach is convenient — you always have your face, and hopefully your finger(s) with you. But it’s really not that hard to pull a hard drive out of a laptop and bypass any need for a password.

At the present time, the most secure approach to data security is encryption. Even 256-bit encryption can be broken, but unless your laptop falls into the hands of one of the three-letter intelligence agencies, it’s pretty unlikely that files encrypted with 256-bit AES/XTS encryption algorithms are going to be accessible.

You could encrypt the entire hard drive, and many users do exactly that. But unless you have a lot of sensitive data on your hard drive, encrypting your playlists and MP3 files seems a lot like building a barn to house a hamster.


Security Without The Overkill

Rather than jump through hoops to protect data that really doesn’t need protecting, why not segregate the information that needs additional security, and provide vigorous measures to secure just that?

Apricorn’s Aegis Bio 3.0 portable hard drive approaches the security problem in just that way. It applies both fingerprint biometric access to the drive, and also hardware encrypts all of the data on the drive automatically.

The drive itself is rectangular, and measures 4.7 x 3.3 x 0.75-inches, almost exactly the same size as the Seagate FreeAgent GoFlex drive I used for comparison. Both are USB 3.0 models, and are powered by the USB 3.0 bus. Since the drive is backwards compatible with earlier versions of USB, which may not supply as much current to the USB port, Apricorn supplies an adapter cable which plugs into two USB ports to supply additional power to the drive.

A nice feature is that an attached USB cable stores in a slot along the right side of the drive. You never have to remember to pack a USB cable, or look for one when you want to use the drive. Of course, this is also a potential point of failure since all cables wear out over time and there is no way to replace this one since it’s built into the drive.

Other than a trio of different colored LEDs above a fingerprint scanner and a small pushbutton underneath the reader, the drive is pretty much indistinguishable from any other portable USB hard drive.

The Aegis Bio 3.0 comes in three capacities: 500GB ($199), 750GB ($219) and the 1TB model I tested ($249). The drive used in the Aegis Bio 3.0 is a 5400 RPM model, and the fingerprint sensor and chip is from AuthenTec. The Aegis Bio 3.0 uses AES-XTX encryption. More information on this encryption is available on the NIST (National Institute of Standards) web site, which is the organization that codifies encryption (and other) standards.

Fortunately, you don’t need to know how it works to use it. Data is automatically encrypted before it’s written to disk, and unencrypted before it’s transferred between the drive and a laptop or PC.

Installation and Use

There is no actual installation of the drive. The Aegis does not require administrative software on the PC it’s being used on and it’s operating system agnostic. You can plug it into any PC using the Windows, Mac, or Linux operating system. When it’s plugged in, the Aegis will be in locked mode, indicated by a red LED being lit. When the drive is unlocked by swiping an enrolled finger across the sensor, the red LED turns off, and the green LED starts to flicker while the drive analyzes the print and turns green moments later when the fingerprint is authorized. When this happens, the drive is recognized as an ordinary USB drive by the PC or laptop it’s attached to. All of the encryption/decryption is performed on the drive Aegis. Until the drive is unlocked, the Aegis is completely unrecognized as a device on the PC.

Setup is fast and easy. All that’s needed is to register one or more fingerprints. This is done by plugging the Aegis into a USB port on a PC, Laptop, or Mac. Two of the LEDs will light up — a solid blue and a flashing green. Swipe you finger across the sensor as many times as necessary until both the blue and green LEDs are solidly lit. The fingerprint has been enrolled. Apricorn’s Quick Start mentions that six swipes will usually be enough to enroll a print. Mine took eight swipes, which is not a problem.

If you want to enroll other prints at the same time, press the Enroll button located beneath the sensor within 15 seconds. The Green LED will start flashing (the blue LED will stay lit) and swipe another finger until the green LED stops flashing and stays lit.

Up to five fingerprints can be enrolled. When you reach that limit, you cannot authorize any additional prints. Because there is no administrative software available, you also can’t delete prints. All you can do is erase the drive, reformat it, and start enrolling prints from the beginning.

Once you’ve finished enrolling prints, unplug the drive, plug it back in, and the red LED will light up. Swipe an authorized finger across the sensor (I had to do two swipes), and the red LED will go out, and the green LED will light up. The drive is now ready for use.

 

Performance

In order to judge whether the encryption/decryption process has an effect on the drive’s performance, I measured the time it took to copy a 5.6GB file from a laptop to the drive and, erasing the file from the laptop, from the drive back to the laptop.

I performed this test with three different portable USB drive, an Apricorn 60GB USB 2.0 drive, a Seagate FreeAgent GoFlex USB 3.0 drive, and the Aegis Bio 3.0.

Of the three drives I tested, the Aegis Bio 3.0 was the fastest, though not very much faster than the Seagate drive, which is also a USB 3.0 model. Apricorn’s advertising mentions speeds “up to” 10 times faster than a USB 2.0 drive. Obviously, this was not the case in my testing, though the USB 3.0 drives were up to three times faster than the USB 2.0 drive in copying the test file from the desktop of the Acer Aspire V7 laptop I was using for the test over to the drive.

 

 

From Drive to Desktop

From Desktop to Drive

Apricorn USB 2.0 drive

2 min 45 sec

3 min 07 sec

Seagate FreeAgent GoFlex
USB 3.0 drive

1 min 06 sec

1 min 09 sec

Apricorn Aegis Bio 3.0 drive

58 sec

1 min 01 sec

 

Conclusion

There is no perfect solution for securing sensitive information; only a solution that provides as much security as you are willing to compromise on. One very practical approach is segregating the sensitive data onto a separate hard drive, which can be locked away when not in use and which provides a high degree of protection when you do require it.

Apricorn’s Aegis Bio 3.0 implements this approach very well. With both biometric fingerprint recognition and hardware 256-bit encryption, the drive offers a high degree of protection of sensitive data in a reasonable form factor.

Keep in mind, however, that the drive does add some risks of its own to the pot. The lack of an administrative manager on the host computer allows the Aegis to be easily used with multiple users and operating systems. Plug it into a PC or laptop, run your finger over the reader, and you can use the drive exactly the same way as you would any portable USB hard drive. But the number of fingerprints that you can register for access to the drive tops out at five. And there’s no easy way to remove a fingerprint that’s been authorized — you have to reformat the entire drive, and reauthorize those fingerprints that you want the Aegis to recognize.  

If you have access to the people whose fingerprints you want to reauthorize, this isn’t much of a problem — just back up the entire drive to a PC or laptop’s hard disk (all of the files on the Aegis will unencrypt as they copy over), reformat the drive, reauthorize acceptable fingerprints, and copy the Aegis’ contents back from the PC or laptop to the Aegis. It sounds like much more work than it really is.

But there are scenarios where you won’t be able to gain access to the encrypted data. The drive could be lost, it can be damaged by fire or flood, or there’s even a possibility of the sensor and encryption hardware being damaged. Another possibility is that your hands are damaged or in a cast, and you don’t have access to someone else you’ve authorized.

However unlikely these possibilities are, you need to consider them when you are dealing with data sensitive enough to require encryption.

There are solutions to these potential catastrophes. The first is to always have someone you trust authorized to unlock the drive. And register fingers on both of your hands. Finally, back the data up on another encrypted drive, and store this drive in a safe place when you need to travel with sensitive data. The Aegis Bio 3.0 drives are inexpensive enough to make this a very cost-effective approach, while providing a high degree of comfort that your sensitive data is safe from prying eyes.

Pros:

  • Real-time 256-bit AES/XTS hardware encryption
  • Works with Windows, Mac, and Linux
  • No special software needed
  • USB 3.0 fast data transfer
  • Integrated cable

Cons:

  • Five print registration limit
  • No way to erase or replace a stored print without reformatting drive
  • No administrative software: If hardware fails, data is unrecoverable
  • Integrated cable


LEAVE A COMMENT

0 Comments

|
All content posted on TechnologyGuide is granted to TechnologyGuide with electronic publishing rights in perpetuity, as all content posted on this site becomes a part of the community.