The storage device used for removing flight data from F-35 jets is provided by Data Locker. ()
SAN FRANCISCO — After several infamous viruses were detected on portable hard drives, not to mention increased concern about the insider threat posed by workers who might use the devices to exfiltrate data, the U.S. military tried to clamp down on their use.
But while that policy might help protect against certain threats, it was an impractical solution. Take for instance the problem of removing flight data from an F-35 Joint Strike Fighter. The large quantities of data can’t easily be streamed across any network, and therefore have to be moved via portable device.
In the case of the F-35, and for a variety of other applications in government, the storage device in use is provided by Data Locker.
The company produces a range of hard drives, all designed with encryption baked into the products.
For the F-35, the device employed uses a touch screen with a keypad to access the drive. Unless the proper code is inputted, the device’s content can’t be accessed by a computer system. Once the proper code is provided, the drive functions much like any other traditional hard drive. Lest an intruder simply dust for fingerprints to discover the code, the digits on the input screen change position on each use, creating no discernable fingerprint pattern.
The fact that no external software is needed to encrypt the hard drive is critical, as connecting a drive to an F-35 might be simple, but updating the aircraft’s software to handle encryption assignments is much more complex.
Data Locker started producing drives in 2010, after about two years of research and development. Given that the U.S. Army essentially had a prohibition against the use of hard drives at that time, many didn’t view the market as a growth opportunity. But Jay Kim, president of Data Locker, said he was confident that despite the concerns, hard drives would survive as a necessary practical solution for moving data, and that the restrictions wouldn’t likely remain.
“That’s nice on paper, but practically, how do you run hundreds and thousands of computer systems without external storage?” he said. “Local storage isn’t going to go away for a while. People have been predicting the death of hard drives for some time, and it hasn’t happened.”
Still, given that the military was woefully unprepared for some of the threats it faced, Kim said that he understood the knee-jerk reaction to ban the devices.
“The ban was probably a good thing, and so they went to the extreme, but they needed to have a policy,” he said.
Seventy percent of the company’s business comes from the military, with much of that through the Department of Defense. The company has seen its business double each year since 2010. But it’s now looking to expand into the cloud storage market, a solution that Kim says will likely be adopted first by those outside of government.
The product, called Skycrypt, will likely be launched later this year. It uses existing cloud services, but automatically encrypts the data locally. By encrypting locally, the data can be streamed via unsecured networks to a cloud service without significant risk that the data will be vulnerable because it’s already encrypted. And even if attackers access the storage server where the cloud service keeps the data, they would only see an illegible garble of code.
Skycrypt is currently being tested by the Data Locker team and has no formal launch date. Given the pace at which the government typically adopts new solutions, Kim said that he imagined it might be some time before the solution is implemented with that group. But it will be available to consumers and companies when it’s launched.