iStorage’s cloudAshur is a $128 [via Amazon] rugged hardware key for Macs and Windows PCs that stores encryption keys (AES-ECB or AES-XTS 256-bit) and authenticates your Mac when you plug it into a USB port.
Give each employee a key and the cloudAshur software, and both local files and files stored in the cloud and shared with colleagues via cloudAshur can be encrypted. They can only be viewed or edited after the physical key is placed into a USB port, a 7-15 digit PIN typed in on the keypad, and a username and password entered into the cloudAshur software to sign into the cloud account. An attacker who successfully phishes for the cloud storage credentials will only see encrypted .IST files that they can’t open or even preview — and so will the user until they plug in the USB key, enter the PIN and sign in.
The inconvenience of having to do all that just to get some work done is balanced by the way cloudAshur brings together files from different cloud services. You see an extra cloudAshur drive in Explorer or the Finder with virtual folders for each cloud service you use, with the files that have been shared with you, and you drag files you want to encrypt into the folder.
MacDailyNews Take: With cloudAshur, you hold the key to your data. Literally.
No USB-C versions?
And then you lose the key (or have it stolen); or it dies on you.
Sorry, after having dealt with all the problems of software locked down by a dongle, not sure I’d trust something like this.
Of course, there is the whole “If you’re worried about security, why are you storing things in the cloud?” angle, too.
This is a non-issue and can be easily mitigated with a seconday key.