Apricorn 32GB Aegis Secure Key 3z Encrypted USB 3.1 Gen 1 Flash Drive

Apricorn Secure Key 3z Overview

Keep your sensitive data secure while on the go with the Aegis Secure Key 3z Encrypted USB 3.0/3.1 Gen 1 Flash Drive from Apricorn. Certified to meet FIPS 140-2 Level 3 standards for cryptographic security, this 32GB flash drive boasts full-disk 256-bit AES-XTS hardware encryption, plus an embedded, wear-resistant 10-digit keypad designed to circumvent key-logging attacks while preventing hackers from spotting oft-used keys.

Compatible with Windows, Mac, and Linux systems, the water- and dust-resistant Aegis Secure Key 3z boasts a USB 3.0/3.1 Gen 1 interface, an auto-lock feature, brute-force protection, forced enrollment on first use for administrators, and a self-destruct PIN that wipes all data and leaves the drive in its initial deployment state.

AES-XTS 256-bit Hardware Encryption

All data is encrypted on-the-fly with full-disk, military-grade AES-XTS 256-bit hardware encryption.

FIPS 140-2 Level 3 Validated

Meets the U.S. government standards for information technology and computer security. NIST FIPS 140 is the cryptography standard program required by the U.S. federal government for protection of sensitive data. The Aegis Secure Key 3z's FIPS 140-2 validation covers 11 areas of its cryptographic security system, including physical security, cryptographic key management and design integrity. Available in four levels, the Aegis Secure Key's FIPS 140-2 Level 3 validation encompasses both the Aegis Secure Key's physical tamper-resistant features as well as its identity-based authentication. The epoxy coated boundary includes all encryption functions and all Critical Security Parameters (CSPs) such as PIN storage, encryption key generation and storage, random number and seed generators, all firmware storage, and device storage. The FIPS module is a complete encryption system, and no CSPs ever leave the boundary, nor are they ever shared with a host system.

USB 3.0/3.1 Gen 1 Interface

Transfer files to and from the Aegis Secure Key 3z via its USB 3.0/3.1 Gen 1 interface. USB 3.1 Gen 1 and USB 3.0 are synonymous.

Embedded Keypad

Unlock the drive with a unique 7- to 16-digit pin. All PIN entries and controls are performed on the keypad of the Aegis Secure Key. No critical security parameters are ever shared with the host computer. Until the secure USB drive device is unlocked via its keypad, it remains invisible to the host. The embedded keypad circumvents hardware and software key-logging attempts to capture passwords by excluding the host system from the authentication process. The wear-resistant, polymer-coated buttons are designed to not reveal commonly used keys.

Programmable Minimum PIN length

For added PIN length and enhanced security, minimum PIN length requirement can be increased from 7 characters up to a maximum of 16.

Forced Enrollment

With no default factory preset PINs, the administrator is required to create a unique PIN upon first use. Forced enrollment can also be extended to first user PIN at setup.

Software-Free Design

The Aegis Secure Key doesn't require software, drivers, or updates, and it can be used without a keyboard. The Aegis Secure Key is compatible with Windows, Mac, and Linux systems, as well as most devices with a powered USB port.

Aegis Configurator Compatible

Configures multiple Configurator-compatible devices at the same time with pre-set device profiles.

Rugged, IP67-Certified Design

The Aegis Secure Key's rugged, extruded aluminum casing and polymer-coated keypad is resistant to dust and water. Inside, another layer of protection is added by encasing the inner componentry with a hardened epoxy compound to prevent physical access to the encryption circuitry.

Independent User and Admin PINs

The Aegis Secure Key can be configured with independent user and administrator PINs, making it an ideal device for corporate and government deployment. Should the user forget his or her PIN, the drive can still be unlocked with the administrator PIN, after which a new user PIN can be created.

One-Time Recovery PINs

If a user PIN is forgotten, up to 4 one-time use recovery PINs can be programmed to permit access to the drive's data.

Auto Lock

Locks automatically whenever it's unplugged from its powered USB port, and is further programmable to lock after a predetermined period of inactivity.

Drive Reset

Allows the drive to be cleared and redeployed. Capable of generating an infinite number of randomly generated encryption keys, the Aegis Secure Key 3z can be reset as many times as desired.

Brute-Force Protection

After a predetermined number (programmable; up to 20) of incorrect PIN entry attempts, the Aegis Secure Key will conclude that it is under brute-force attack and will respond by performing a crypto-erase, deleting the encryption key and rendering all of the key's data useless.

Lock-Override Mode

Designated for specific cases in which the key needs to remain unlocked, such as during reboot, passing the key through a virtual machine, or similar situations that would normally prompt the key to automatically lock, Lock-Override Mode allows the key to remain unlocked through USB port re-enumeration and will not re-lock until USB power is interrupted.

Two Read-Only Modes

Suitable for accessing data on the key in a public setting to protect against USB viruses. Particularly important in forensics, read-only mode is ideal for applications that require data to be preserved in its original, unaltered state and can't be overwritten or modified. The Secure Key 3z has two read-only modes. One is set by the administrator can't be modified or disabled by anyone else. The second read-only mode can be set and disabled by a user but can also be overridden by the administrator.

Self-Destruct PIN

The last line of defense for data security, the Secure Key's Self-Destruct PIN defends against physically compromising situations by erasing the key's contents, leaving it in normal working order and appearing as if it has yet to be deployed.

Administrator Mode

Allows enrollment of one independent user and one administrator for setting parameters for PIN management, Read-Only, Auto-Lock, Self-Destruct, Lock-Override, and Brute Force modes. The user mode is limited to basic external drive functions such as read/write, unlock/lock, etc. The data on the drive can be accessed with the admin PIN in the user mode.

LED Flicker Button Confirm

MS