Tech Review: iStorage diskAshur2

The iStorage diskAshur2 is an industry-leading external hard drive for the security-conscious consumer.

The iStorage diskAshur2 is an industry-leading external hard drive for the security-conscious consumer. A relatively simple to use ultra-secure portable USB 3.1 hard drive, the diskAshur2 works across all operating systems including MS Windows, macOS, Linux, Android, Chrome, Thin Clients, Zero Clients and embedded systems and forms part of a family of encrypted external drives.


Established in 2009, iStorage has developed into a trusted global leader of PIN authenticated, hardware encrypted data storage devices. The company’s range of products includes solid state drives, USB flash drives and hard disk drives from which it delivers innovative solutions with military grade encryption levels.

Indeed, recently iStorage announced that its diskAshur PRO² (the big brother of the diskAshur2) and the diskAshur DT² desktop HDD passed rigorous tests to become officially certified to NATO Restricted level. That means it is included in the NATO Information Assurance Product Catalogue (NIACP) as world-leading secure storage devices that will be used by NATO nationals and NATO civil and military bodies.

On the news, CEO of iStorage John Michael said this was a huge accolade for the company. “It makes us extremely proud to have the diskAshur PRO² and diskAshur DT² listed in the NIAPC catalogue to NATO Restricted level. This a fantastic achievement and testament to the many years of research and development that iStorage has invested in developing the diskAshur PRO² and diskAshur DT², products that we believe to be the most secure PIN authenticated, hardware encrypted hard drives and solid state drives currently available.”

iStorage is working towards achieving FIPS 140-2 level 3 certifications putting it in a unique position to reassure consumers, business and government organisations internationally of the robust level of data protection offered within its products. Indeed, its continuing research and development in the fast moving world of data protection and secure storage, coupled with industry-leading manufacturing processes, enables it to deliver high-performance products in capacities ranging from 4GB up to 10TB, and able to work on any USB device and compatible with any platform, operating system and embedded device.

Proudly, in March this year, iStorage became the first manufacturer to gain NCSC CPA and NLNCSA BSPA certifications for its diskAshur PRO² and diskAshur DT² desktop hard drive, making them the world’s first and only NCSC CPA and NLNCSA BSPA certified hardware encrypted HDDs & SSDs.

What is the iStorage diskAshur2?

The iStorage diskAshur2 is an industry-leading external hard drive for the security-conscious consumer. A relatively simple to use ultra-secure portable USB 3.1 hard drive, the diskAshur2 works across all operating systems including MS Windows, macOS, Linux, Android, Chrome, Thin Clients, Zero Clients and embedded systems and forms part of a family of encrypted external drives. The diskAshur2, which comes in a range of colours and sizes up to 5TB, boasts the unique offer of a dedicated hardware based secure microprocessor which underlines its effectiveness as a secure device with multi-layered protection mechanisms that can fend off anything from a bypass attack to external tamper.

The diskAshur2 has a keypad design enabling you to securely access the drive with your own unique 7-15 digit PIN and with software free setup and operation. GDPR compliant, unlike other solutions, the diskAshur2 reacts to an automated attack by entering the deadlock frozen state, which renders all such attacks as useless. That means without physically imputing your unique pin, there’s no way to access the device.

Is the iStorage diskAshur2 for me?

For some consumers, the iStorage diskAshur2’s extra level of security will be over doing it – particularly at this price point – so it’s not for everybody. But if you’re considering a device such as this, the diskAshur2 is a worldwide leader and here’s why.

Firstly, let’s look at the core components: it features a common criteria EAL4+ ready on-board security processor, boasts FIPS PUB 197 validated encryption algorithm (meaning the device seamlessly encrypts all data on the drive in real-time, keeping your data safe even if the hard drive is removed from its enclosure) with real-time military grade AES 256-bit XTS full-disk hardware encryption and the added bonus of requiring no software or drivers with 100% hardware encryption.

So, unlike software-based encryption schemes, the iStorage diskAsgur2’s security layer is in-built into the hardware. That means no obvious degradation in speed when the device reads/writes while simultaneously encrypting and decrypting. Indeed, the device manages to achieve quick USB 3.1 data transfer speeds of 148 MBps (Read) and 140 MBps (Write). iStorage diskAshur2 is also backwards compatible with USB 2.0 and 1.1 ports.

These aren’t the fastest speeds I’ve witnessed from an external hard drive but those wishing for a quicker read-write have the optuion of sticking with iStorage’s solid state version.

The security component employs physical protection mechanisms to protect itself from any external tamper, bypass laser attacks and fault injections and incorporates active-shield violation technology.

More specifically, the secure microprocessor reacts to all forms of automated hacking attempts by entering the deadlock frozen state where the device can only restart through a ‘Power On’ reset procedure (i.e. power off/power on). The security lock feature protects the device against any unauthorised firmware modifications from the host side (fully protected against BadUSB).

The diskAshur2 uniquely incorporates a secure microprocessor providing secure algorithms to encrypt both the data and the encryption key, giving you confidence that your data is protected to the highest standards at any given time.

The added security of the diskAshur2 gives peace of mind

The iStorage diskAshur2 is intelligently programmed to protect against all forms of Brute Force attacks. It’s been developed to deter persistent attackers who see the drive freeze after five consecutive incorrect PIN entries. This requires the drive to be disconnected and reconnected to the USB port to get a further five PIN entry attempts. If a further five (10 in total) consecutive incorrect PIN attempts are entered again, the diskAshur2 will freeze again.

To get a further and final five PIN attempts (15 in total), the “shift” button must be pressed whilst inserting the USB cable to the USB port and then an iStorage preset PIN will need to be entered. Once you reach the 15th consecutive incorrect PIN entry the device concedes that it is under an attack that will not stop and deletes the encryption key and locks itself. This renders all previously stored data permanently lost. The device can still be used but it must be reset to factory settings.

You can also pre-programme the diskAshur2 with your own unique Self Destruct PIN which, once implemented, instantly deletes the encryption key, all PINs, data and then creates a new encryption key. And the iStorage diskAshur2 also employs a useful drive reset feature, which can be implemented with a unique command. This clears all PINs and data, and creates a new randomly generated encryption key, enabling the drive to be reset and redeployed as many times as needed.

In addition to incorporating a secure microprocessor, encrypting the data and the encryption key, the diskAshur2 adds another barrier between your data and a hacker. All the components of the diskAshur2 are completely covered by a layer of super tough epoxy resin, which is virtually impossible to remove without causing permanent damage to the components. This barrier prevents a potential hacker from accessing the critical components and launching a variety of futile attacks.

Looking Good

It’s a robustly designed piece of kit. The rugged drive is well-built and rated IP56 for water and dust resistance. The keypad’s epoxy coating provides water resistance as well. The drive comes in four colour options: Phantom Black, Ocean Blue, Fiery Red, and Racing Green.

The rubberised exterior measuring 124 x 84 x 20mm feels strong and sturdy while the size is typical for the market. You’ll notice three LEDs above the keypad to signify the device’s security state which will be either Standby/Locked, User/Unlocked or Admin Mode. On the side there’s a Kensington lock for physically securing the device adding to the security measures considered by iStorage.

Capacities include 128GB, 256GB, 512GB, 1TB, 2TB and a whopping 5TB. We tested the 1TB model.

The iStorage diskAshur2 ticks all the boxes

If you’re looking for an external hard drive with top quality credentials then the diskAshur2 is your ideal solution. For me, it offers unrivalled hardware-based security through a combination of reliable encryption mechanisms that prevent attack and a robust build that protects against damage.

Yes, it’s on the expensive side, and if you’re not interested in such high level security there are cheaper options out there, but I’ll refer you back to our section on reputation. iStorage has spent years developing this hardware and has delivered a solution consumers can rely on.

As iStorage states, “without the PIN, you don’t get in”. The diskAshur2 offers hardware encryption that beats its rivals for encryption levels and ensures your data is protected.

About the Author
Rory Fish has loved movies since he can remember. If he was to put together an "all time" top 10 of absolute favourites it would have to include North By Northwest, 12 Angry Men and Sunset Boulevard.

Leave a Reply