DiskAshur2 512 GB Portable Encrypted SSD Review – Serious Data Security Starts Here
iStorage DiskAshur 2 512GB2017
Ever wondered what it would feel like to be carrying secrets that could impact national security in a drive with military-grade encryption? Well, while we can't help you with the secrets portion, DiskAshur2 from iStorage can take care of the military-grade encrypted device part with its lineup of portable SSDs. Today, we will be looking at the iStorage DiskAshur2 512 GB portable SSD that ships with AES-XTS 256-bit - military grade encryption that is currently unbreakable (from a direct attack vector).
iStorage's DiskAshur2 brings unbreakable data security to the consumer market starting at $176
iStorage is a pretty well-known name in the encrypted storage market - they were the first company on earth to get a portable encrypted storage solution on the market with their DiskAshur Pro series (which has certifications by NATO and other major organizations). The DiskAshur 2 (non-pro) series lacks these certifications but as far as I can tell that's pretty much all the difference between the Pro and non-Pro variants. In any case, they should be more than enough for the average consumer's security needs. Before we go any further, here is a quick overview of the tech.
|Capacity||500GB, 1TB, 2TB, 3TB, 4TB & 5TB|
|Data Transfer Speed||Up to: Read 294 MBps / Write 319 MBps|
|Power Supply||Bus Powered|
|Weight||500GB/1/2TB max. 216 grams approx. | 3/4/5TB max. 325 grams approx|
|Approvals||FIPS PUB 197 Validated, FCC, CE, RoHS, WEEE, TAA Compliant|
|Interface||Super Speed USB 3.1 - up to 5Gbps. Backward compatible with USB 3.0/2.0/1.1|
|Operating System Compatibility||MS Windows, macOS, Linux, Chrome, Thin Clients, Zero Clients, Android & Embedded Systems|
|Hardware Data Encryption||Real-Time Military Grade AES-XTS 256-bit Full-Disk Hardware Encryption|
|iStorage Part Number||IS-DA2-256-xxxx-xx (xxxx-xx = Capacity and Colour) B = Phantom Black: BE = Ocean Blue: R = Fiery Red: GN = Racing Green:|
|Box Contents||Portable SSD, Protective Carry Case, QSG (Quick Start Guide)|
Here is an overview of all the features of the DiskAshur2
- USB 3.1 Portable Encrypted Hard Drive
- Capacities up to 5TB*
- FIPS PUB 197 validated
- AES-XTS 256-bit hardware encryption – no software required
- OS & Platform independent
- Employs EDGE* Technology
- Available in 4 colours-Phantom Black, Ocean Blue, Fiery Red & Racing
- Common Criteria EAL4+ ready on-board secure microprocessor
- Real-time military grade AES-XTS 256-bit Full-Disk Hardware Encryption
- FIPS PUB 197 Validated Encryption Algorithm
- Encryption keys are always encrypted while at rest
- Brute Force Hack Defence Mechanism
- Tamper Proof
- Immune to BadUSB
- Water & Dust Resistant - IP56 certified
- Epoxy coated wear resistant keypad
- No speed degradation - as fast as any non-encrypted USB 3.1 HDD
- Desk Lock Slot
- No software or drivers required - 100% Hardware Encryption
- Read-Only (Write Protect) & Read/Write modes
- Self-Destruct Feature
- Drive Reset Feature
- Super Speed USB 3.1 with integrated cable
- Unattended Auto-Lock feature
- No admin rights needed
- OS & Platform Independent - Works on any device with a USB port
- All components covered with a layer of super tough epoxy resin
- Available in four colours Phantom Black, Ocean Blue, Fiery Red & Racing Green
Packaging and first look
The SSD comes in a small box that has a cute security label which states that you should not accept the SSD if it's broken. A very good quality USB extension cable is also included in the box (which is a very thoughtful touch!) which increases the value of the package when looking at the price tag of $176. The SSD itself features an epoxy coated keypad, with a USB 3.1 cable tucked away in the side.
The SSD feels very well built in hand and has oleo-phobic coating on the keypads so the keys don't give away the possible key combinations by degrading over time as the same pin is keyed in repeatedly. I was slightly concerned about the integrated cable as that is the biggest possible point of failure but the quality of the material is very sturdy and my fears appear to be unfounded.
Encryption and ruggedness overview
The DiskAshur2 utilizes a dedicated on-board secure microprocessor to handle all encryption needs on a hardware-level. This is a very important distinction because this means all encryption processes will happen on-disk, away from the host's PC where they might be modified. The specific encryption standard that is being used is the AES-XTS 256-bit which as far as I know is known to be unbreakable. This is a FIPS PUB 197 validated encryption algorithm that is handled in its entirety by a Common Criteria EAL4+ on-board microprocessor.
Best of all, however, you get no performance degradation since this is full disk encryption. An interesting part of the security design is that the device will accept a maximum of 15 pin attempts. After that, it will delete all encryption keys and the data will be lost forever (the device assumes a forceful attempt is underway). This is either a pro or a con depending on how security conscious you are. The device also has a self-destruct pin which you can enter to delete all data in one go.
The packaging is IP56 certified which means its fairly dust and water-resistance so don't worry about the odd splashes and rain. The case itself is rubberized so it can handle a fall quite easily (SSDs are more resilient to falls than HDDs anyways). The case is also designed to be tamper-proof and any attempt to open the device or mess with the encryption hardware will result in the device assuming someone is attempting to tamper with it and all data lost.
Benchmarks and conclusion
The device that iStorage has applied the encryption layer is actually the ADATA SU800 512GB - which is what benchmark software will sometimes detect the drive as when you plug it in. This means that you are looking at a 3D NAND based SSD with a very high shock tolerance. The DiskAshur2 features 294 MB/s read and 319 MB/s write speeds and includes intelligent SLC caching and DRAM memory cache buffer (the standard bells and whistles of modern SSD firmware). This particular SSD also contains an error LPDC - low-density parity check - which compared to non-error correcting memory is going to offer superior reliability of the data as well as the encryption keys.
Our testing methodology includes filling up the drive to roughly 1/4th of its value and then running tests as this gives a more accurate picture than simply testing a newly formatted drive out of the box. The performance of the DiskAshur2 was very impressive and I was continuously getting 300 MB/s+ read and writes when transferring data from my M2 Samsung 960 SSD over the USB 3.1 front port. Here are the CrystalDiskMark results on the front USB 3.1 port:
The DiskAshur2 features pretty decent read-write speeds that are ample enough to fill its internals at a comfortable enough pace. The sequential read and write speeds (which is what you will get when you are transferring data btw) are pretty comparable to standard SSDs (which get around 500 read-write) while the random read writes are more USB-like. This is because the data is being transferred over the USB 3.1 port and nothing to do with the SSD. This also means that it's probably not a good idea to run an entire OS on it - but is good for just about everything else.
We also put the SSD through its paces through HDTune and saw similar results. it has an excellent access time of 0.140 ms (in comparison an HD has an access time of roughly 15 ms). Transfer rates are also sustained throughout transfers which means you won't get a faster speed at the start which degrades over time - this performance will sustain itself throughout the SSD's life.
The iStorage DiskAshur2 provides excellent value for money for the security conscious aficionado and does not sacrifice any performance to achieve security. Every aspect of the design - from encryption fallbacks to physical ruggedness are a showcase of how much thought went into its development. Coming from the company that brought us the world's first portable encrypted storage (DiskAshur Pro) this is hardly surprising. Here is the best part though: I think the value here might actually be more than what the user expects because as far as I can see, the only difference between the Pro and non-Pro variants is the presence of certifications - not the underlying tech.
The DiskAshur2 provides serious military-grade encryption in a non-performance degrading package that should be perfect for the average consumer.
- Dedicated on-board encryption hardware
- Self-destructs data and encryption keys if a brute-force attempt is detected
- Encryption keys are also encrypted at rest
- No performance degradation
- USB 3.1 integrated cable
- Very rugged
- Self-destructs data and encryption keys if a bruteforce attempt is detected
- Pricey compared to non-encrypted SSDs