Cruzer Enterprize 1GB

by SanDisk

Product Details

• Product Dimensions: 1.1 x 6.8 x 4.5 inches ; 2.1 ounces
• Shipping Weight: 2.4 ounces
• Shipping: Currently, item can be shipped only within the U.S.
• ASIN: B000SAF5OI
• Item model number: SDCZ22-001G-A75
• Average Customer Review: 3.0 out of 5 stars  See all reviews (1 customer review)
• Date first available at Amazon.com: July 7, 2004

Product Description

Cruzer Enterprise is a USB drive specifically designed to meet the unique security compliance and manageability needs of enterprise-size businesses. It does not rely upon users to decide which files to secure. Instead it requires mandatory access control for all files storing them in an encrypted password-protected partition. This ensures security and protects stored data in the event of device loss or theft. Cruzer Enterprise features ultra fast transfer speeds a simple interface and the ability to plug-and-play. It's intuitive and practical enough for users to start using immediately. With hardware based encryption and mandatory access control Cruzer Enterprise helps IT managers more effectively protect information on company issued portable storage devices.

Customer Reviews

Most Helpful Customer Reviews

1 of 1 people found the following review helpful:

3.0 out of 5 stars Mandatory passwords appear on FIPS flash drives, December 7, 2008

By 

A reader (USA) - See all my reviews

With this new breed of flash drives comes the kind of basic password protection that is built into most cell phones for free plus the safety of tamper-resistant encryption for the data. This is answer to many government agency and corporate prayers since they have the ugly reputation of compromising private data. Every year tens of millions of personal records are lost, stolen or sold outright to criminal elements according to NIST.
A Sandisk specification white paper tells us all information on the Cruzer Enterprise (aka "FIPS edition") is securely stored and encrypted with 256-bit AES hardware-based encryption and a sophisticated password protection front end. In addition, the Cruzer Enterprise includes a "lockdown" mode for enhanced security. This lockdown feature will lock the Cruzer Enterprise whenever you exceed a maximum number of ten password attempts. In the event that the device is locked, the device must be reformatted to enable operation. All data on the Cruzer Enterprise will be erased. If you click the "Forgot Password" link on the SanDisk login screen you will get the following clear message: "In order to protect your data, you Cruzer Enterprise will be formatted and all data will be erased." If you start trying to guess a password, you are warned that the drive will be locked permanently after four more tries.
Unlike many other Sandisk products, this one is Vista compatible and has passed the Microsoft WHQL hardware testing. The encryption is said to meet FIPS 197 AES engine (CAVP certificate #464)
There are a number of helpful pdf white papers with specifications, troubleshooting tips, etc.
Passwords for the Cruzer Enterprise must be a minimum of 6 characters and must contain at least three of the four character types - uppercase letters, lowercase letters, numbers, and special characters.
A SanDisk news release claims that after 2008 the SanDisk Cruzer Enterprise will be protected with anti-malware protection from McAfee.
You won't be as likely to lose the cap, because it much more snug than than most other products and the cap is designed to serve as a pocket clip similar to one on a pen that will secure the flash drive snugly to clothing. The 8 GB version retails for the bargain price of $509. There is a hoop for a lanyard on the cheap plastic case, but it is curious that for such a high price there are no amenities such as a lanyard or a USB extension cord. It does not appear to be Macintosh compatible.
Just the thing for privacy buffs with sneak and peek enforcement and all.
A competing product from Kington called the Data Traveler Blackbox also supports the FIPS (Federal Information Processing Standard) 140-2 Level 2 encryption standard used by the Sandisk FIPS edition.
Also Verbatim has the Store N Go Corporate Secure USB Drive FIPS Edition. The bigtime security sites like csoonline, securityfocus and wilderssecurity seem to pretty much ignored this type of product for some reason. Perhaps the lack of a master password that would allow the admin to get back in when the employee leaves would help. The bigger question is can an IT department provide software that will disallow all but FIPS flash drives from being recognized by the operating system. In todays HIPAA, SOX environment IT needs a total solution.
During the four step installation process that occurs when you first plug the drive into your computer, you will be prompted to restart your computer. You must have permissions to create registry keys for the install to succeed.
The multilingual interface supports English, French, German, Italian, and Spanish. In addition to the hundred word quickstart instructions given on the package insert there is an 18 page acrobat Cruzer Enterprise Drive User Guide all in English on the drive itself. During setup you are able to post contact info, or a reward offer note to the login screen. Once setup is complete every attempt to login with a password is logged to a text file in the data partition of the flash drive.
It is implied in the User Guide that because hardware based encryption stores keys internally on the device that you will be protected from "Software and hardware debuggers [that] can monitor the software and capture the private key for rogue use." This is, of course, ridiculous and keylogger tools will still be able to capture the password. You don't need the private key once the password is known.
Then again anyone can install free encryption software like TrueCrypt or DriveCrypt on an inexpensive thumb drive and achieve basic protection, the problem is compliance. With FIPS drives the drive is unusable until the password has been entered.