Security Levels of USB Copy Protection Solutions and Their Use
written by Simon
USB copy protection solutions prevent users from unauthorized distribution of content stored on a USB flash drive. However, it is not hard to find unauthorized distributed multimedia files via the internet, despite having been originally made using CD/DVD copy protection solutions. Clearly, some copy protection solutions cannot fully protect content against sophisticated digital piracy, and the solutions have different security levels according to the difficulty of creating the unauthorized copy. Therefore, the copy protection solution should be carefully chosen according to the nature of distributed content and how much damage the unauthorized copy can give to a business. In other words, you do not need to use expensive copy protection solutions for protecting content that is not as valuable to a malicious user, while you must use expensive solutions for protecting valuable corporate information.
Using a custom file explorer is one of the simplest ways to accomplish copy protection. Distributed files are located in a virtual drive, and a user can access and view the files only through the custom file explorer. To prohibit unauthorized copying, the menu for copy and print can be disabled in the explorer. These kinds of solutions are relatively cheap and consist of simple features. There is not the concept of ‘master content’, which is necessary for mass distribution. A user should put the content onto a USB flash drive one-by-one to make distributed USB flash drives. You should verify the security level of these kinds of solutions in the following three ways:
First, after plugging the USB flash drive containing content into a PC, open a command window with the administrator’s privilege and see if you can view the name and location of the file. If the file is hidden in a virtual drive, it can be easily copied by the ‘copy’ command in the command window. If the file or the header of it is encrypted, you can easily copy it, too, but the copied file is useless without the custom file explorer.
However, even in the above case, these kinds of solutions have a crucial disadvantage in which the content can be easily copied by a USB duplicator using sector-by-sector cloning. Therefore, you have to choose the solution that requires USB flash drives with serial numbers, which prevents sector-by-sector cloning by allowing only one unique distributed content for only one unique USB flash drive according to its serial number. Then, even if the USB flash drive is sector-by-sector cloned, it cannot work because the serial number of the new USB flash drive is different from the original.
Finally, there are other ways besides copy and print to duplicate original content. For example, in MS Word, you have to check if you can use transfer as a PDF or save to web. It is somewhat hard to control by using a custom file explorer, so the option might be available for unauthorized copy.
The second popular way for copy protection is using a custom file viewer. This solution offers a custom file viewer to access and view encrypted content, which is transformed as a PDF-like format. A USB flash drive stores the viewer and the encrypted content. These kinds of solutions generally go with their own exclusive USB flash drives, which have serial numbers so that they can be safe from sector-by-sector cloning. There is not the concept of ‘master content’ for mass production and distribution and recognized as a relatively secure way of using software encryption to distribute a simple file.
The third way controls the functions of applications at the OS kernel level for copy protection. A USB flash drive stores the security policy for a user and the encrypted files to distribute. When the user puts the USB flash drive into a PC to view the files, an agent is installed on the PC that controls the user’s rights according to the security policy saved in the USB flash drive. In this method, all the original functions of the applications can be available, while copy, print, screen capture and network transfer can be controlled according to the security policy. The file encryption and decryption process happens quickly during the application. It is proper to distribute a complicated content which is consist of multiple files. Only Secudrive USB Copy Protection adopts this method. It requires a USB flash drive with its own unique serial number. It has the concept of ‘master content’ for mass production and distribution. It can update files after distribution. It is appropriate to distribute sensitive content, which can be used just like the original with hundreds or thousands of branches or partners in the enterprise. It is recognized as a relatively secure way using software encryption.
Meanwhile, Secudrive USB Office and CAD adopts hardware encryption using an encryption chip equipped in the USB flash drive, so that it can be perfectly suitable for distributing and sharing of sensitive corporate information through USB flash drives. Since the federal government and agencies are recommending using hardware-encrypted USB flash drives, it is certainly recognized as the most secure. In addition, it is possible to freely edit MS Office files containing sensitive management information and CAD files, such as AutoCAD and CATIA containing new product drawings, under copy-protection features. Moreover, the file activity in the USB flash drive can be monitored in real time through the internet. When offline, the logs are stored in the secure area on the USB flash drive, and they can be seen when the network is connected. When the USB flash drive is lost or stolen, the data on it can be destroyed through the internet. It will be useful when sharing proprietary information in small or medium groups. Of course, it is the most expensive.