Over the years, we have reported on a lot of the secure drives provided by iStorage. You can read all of our reviews here. Today, they are back with the newest addition to the diskAshur family, the diskAshur PRO3.
Disclosure: Apple Tech Talk participates in various affiliate marketing programs and may receive compensation if you purchase a product through one of our links, and/or in the form of product donations from the companies whose products we review . Unless otherwise specifically stated, Apple Tech Talk does not receive any other compensation for its reviews. The opinions expressed are based solely on our independent testing, are our own and are not shared with anyone prior to release on our site.
Pros Cons 8 – 64 digit PIN protection Can’t put drive back into Initial Shipment State AES-XTS 256-bit hardware encryption FIPS 140-3 Level 3 Validated Can be customized to meet individual needs
diskAshur PRO3 – Unboxing
Everything that iStorage makes is all about security and like every other iStorage product we have reviewed, it starts with the packaging.
The diskAshur PRO3 package is sealed with the usual blue iStorage security seal. We have tried multiple ways to remove the tape or otherwise open the packaging without leaving evidence that it has been tampered with. We have never been successful.
If the recipient of the diskAshur PRO3 doesn’t receive their package with the undamaged seal, they will know the security associated with the package and its contents have been potentially compromised.
That is not to say that something bad has happened. We can think of many use cases where a system administrator may open the packaging to preload data onto the drive, set an Administrator PIN and a User PIN, and then repackage the device to send it to the end user. But if that was the case, the end user should know what to expect, and there would no doubt be prior communication to that user.
In the box is the diskAshur PRO3, a USB-A to USB-C cable, a USB-C to USB-C cable, a wrist strap which attaches to the hard case and a Quick Start Guide.
We appreciate that iStorage included both a USB-A and USB-C cable in the case since we are living in an environment that still uses both cable styles.
The included cables are about 20” tip-to-tip. That may be a little short for everyday use but we recognized the point of including cables is to have what you need if you travel with the drive. We would expect that almost everyone has either or both cables available in longer lengths at their primary location.
The included Quick Start Guide has just enough information to get you up and running, and give you access to the drive. Once connected, you will find a comprehensive User Manual on the drive which provides well illustrated details for everything the drive is able to do.
We think it is time well spend to give the User Manual a close read, as there is a lot you can do with this drive. We also suggest keeping a copy of the drive on your computer since you may need to access it without the drive contents being available.
If you would like to preview the full manual, it is available on the iStorage web site here.
diskAshur PRO3 – First Use
When we first started reviewing iStorage products, they came with a pre-configured PIN out of the box. While we don’t know for sure, we suspect iStorage found that many people never bothered to change the default PIN before using the drive. This, of course, creates a big security issue.
The diskAshur PRO3 like some of the other recent iStorage products we have reviewed, comes out of the box in an “Initial Shipment State” with no preset Administrator PIN. This forces the user to set their own unique PIN before they can use the drive.
To create an Administrator (ADMIN) PIN, it must meet the following requirements;
- Must be between 8-64 digits in length
- Must not contain only repetitive numbers, e.g. (3-3-3-3-3-3-3-3)
- Must not contain only consecutive numbers, e.g. (1-2-3-4-5-6-7-8), (7-8-9-0-1-2-3-4), (8-7-6-5-4-3-2-1)
- The SHIFT key can be used for additional combinations e.g. (SHIFT (Unlock Key) +1 is a separate value to just 1).
Like most other keypads, there are the usual corresponding letters associated with each key, so you can use a word or phrase as the ADMIN PIN, which may be even more secure than just numbers.
To get started, connect the drive to a powered USB port. We used a USB-C port in a powered hup, connected to our MacBook Pro with no issues. The Red and Green LEDs will light up. This is an indication that the drive is in the Initial Shipment State.
Follow the steps in the Quick Start Guide to create your ADMIN PIN. This will unlock the drive and it is ready for use.
If you are using the drive yourself, that may be all you need to do. If you intend to share the drive with others, you may want to create a USER PIN to prevent others from accessing the many ADMIN options available.
Our one complaint is that there doesn’t seem to be a way to put the drive back into its Initial Shipment State. We even tried reformatting the drive but that didn’t work either.
This may not be an issue for most users, but in a business environment, where a system administrator may want to provision the drive with data, and send it to another administrator in another office, it would be nice (and probably more secure), if the drive was in its Initial Shipment State.
diskAshur PRO3 – Regular Use
To use the drive, you only need to connect it to a powered USB port, and enter the appropriate PIN.
At that point, the drive will show a solid green LED and will be mounted on your desktop and/or listed on your Finder sidebar.
From this point forward, the diskAshur PRO3 works like any other external drive. The big difference is, with all of the built-in security features, you can rest easy that should something happen to the drive, your data is secure. As iStorage says, “without the PIN, there’s no way in.”
Like all other iStorage products, the diskAshur PRO3 is OS and platform independent. The drive can be configured in any format supported by your computer and can even be used cross-platform between a PC and Mac if formatted for that.
diskAshur PRO3 – Security Features
We could write a book on all of the features available in the diskAshur PRO3. Instead, we’ll just give you a brief description of some of the more important features.
Set User PIN – In addition to the ADMIN PIN, a USER PIN can be set with certain PIN requirements. An Admin can set the minimum length of the PIN as well as whether it must contain a special character or not.
Set a One-Time Recovery PIN – This is a special PIN that can be used if a user forgets their PIN. The user PIN recovery process does not impact the data, encryption key and Admin PIN, however the user is forced to configure a new 8-64 digit User PIN.
User Read-Only Mode – In those cases where data should not be changed, the administrator can set the USER PIN to be Read-Only. Once set, only the administrator can write data to the drive. There is also an option to set the drive to Global Read-Only mode. In this state, not even the administrator can write to the drive, although using the ADMIN PIN, an administrator can remove the Global Read-Only restriction.
Self-Destruct PIN – If there is a concern that a user of the drive could be forced to unlock the drive for use by others, the administrator can set a self-destruct PIN. This process deletes all configured PINs and renders all data stored on the drive as inaccessible (lost forever), the drive will then show as unlocked GREEN LED. Running this feature will cause the self-destruct PIN to become the New User PIN and the drive will need to be formatted before it can be reused.
Brute Force Attack Defense – The diskAshur3 incorporates a defense mechanism to protect the drive against a Brute Force attack. By default, the brute force limitation for Admin PIN and User PIN is set to 10 consecutive incorrect PIN entries, for the Recovery PIN it is 5. Three
independent brute force counters are used to record the incorrect attempts for each PIN authorization. If a user enters an incorrect Admin PIN ten consecutive times, (broken down into 5,3,2, clusters) the drive will be reset and all data will be lost forever. If a user enters an incorrect Recovery PIN or User PIN and exceed the respective brute force limitation, the corresponding PINs will be cleared but the data will still exist on the drive.
There are special features built in for the ADMIN PIN which are fully explained in the User Manual.
The Bottom Line
With cyber and data security top of mind for both personal and corporate users, it’s important to take extra steps to ensure your data is fully protected, especially if you take your data with you when on the go.
The iStorage diskAsure PRO3 provides all the protection you need in just about any situation, to ensure your data remains yours and that other individuals can’t get access to it.
As iStorage says, without the PIN there’s no way in.
The diskAshur PRO3 is available in in both HDD and SSD styles, starting at 500GB for a HDD, all the way up to 16TB in the SSD style. It is also available in green, blue, red and black case colors.
The iStorage diskAshur PRO3 is available in both HDD and SSD configurations from Amazon here.
We would like to thank the folks at iStorage for providing a 2TB diskAshur PRO3 for our testing and review.
How do you secure your data when using an external drive? Why not join the conversation and leave a comment below.
If you liked this article, please consider sharing it with your friends and leaving a comment below. Also, don’t forget to “Like” us on Facebook, “Follow Us” on Twitter and add the Apple Tech Talk channel to your Apple News app.
And if you haven’t subscribed to Apple Tech Talk, now would be a great time to do it so. Just scroll down to the form below and enter your name and email address. Then you’ll receive a notification whenever we post new articles. Don’t worry, we never sell or share your information. While you’re at it, check out our YouTube channel (here) where you will find video on interesting products any Apple enthusiast would love.
Apple Tech Talker



Leave a Comment
You must be logged in to post a comment.