Every effort has been made to ensure the accuracy of all information contained herein. e-nitiative shall not be liable for any changes resulting in wrong product description, tax code and/or price. The shown information (specifications, prices, taxes) should be considered as an indication and can be changed at any moment and without any prior notice.
RS-DATA bvba
Onze lieve vrouw ten steenstraat 1
B-3300 Tienen
Belgium
Telephone : 016/820712
VAT : BE 466.551.192
Kingston IronKey D500S hardware-encrypted USB flash drive FIPS 140-3 Level 3 (pending) certified, XTS-AES 256-bit hardware encrypted, rugged zinc casing
The Kingston IronKey™ D500S/SM USB flash drive features flagship military-grade security that makes IronKey the most trusted brand to safeguard classified information. It is FIPS 140-3 Level 3 (Pending) certified with new enhancements from NIST requiring secure microprocessor upgrades for stronger security and attack protections for government and military uses. Data is encrypted and decrypted on the D500S without any trace left on the host system. Along with hardware-based XTS-AES 256-bit encryption, it features a rugged zinc casing which is waterproof1, dustproof1, crush-resistant and filled with special epoxy to protect internal components from penetration attacks.
IronKey D500S is an essential pillar in meeting Data Loss Protection (DLP) best practices with the toughest military-grade security for compliance with data encryption laws and regulations such as GDPR, HIPAA, SOX and CCPA. D500S offers more features than any other drive in its class, making it a complete security solution for high-value data protection.
D500S self-tests upon bootup and the detection of over-temperature or voltage conditions will lead to drive shutdown. For added peace of mind, D500S incorporates digitally-signed firmware, making it immune to BadUSB malware and brute force attacks. Brute force password attack protection is always on to guard against password guessing and will ultimately crypto-erase the drive if invalid password retries are exceeded.
It offers a Multi-Password option to access data, which supports up to three passwords: Admin, User and One-Time Recovery. Admin can reset a User password and also enable a One-Time Recovery password to restore access if the User password is forgotten.
D500S supports traditional Complex password or Passphrase mode2. Traditional Complex mode allows for passwords from 8-16 characters using 3 out of 4 character sets. Passphrases can be from 10–128 characters long. This could be a sentence with space characters, list of words or even lyrics to make it easier to remember meaningful yet very secure passwords. FBI recommends multi-word passphrases of 15 or more characters as being stronger yet easier to remember than complex passwords.3
D500S includes an industry-first Dual Hidden Partition option where Admin can create two custom-sized secure partitions for Admin and User, thereby allowing for a Hidden File Store that can be used to provision files to the User partition as needed. When using untrusted systems or sharing the drive, the Hidden File Stores keep their data secure and invisible unless properly accessed.
With a special key sequence, Admin can enter a Crypto-Erase password that will crypto-erase the drive, destroy the data forever and reset it to prevent unauthorised access.
To assist users with keyboard issues, all password entry screens include an Eye symbol that will display the password entered to reduce typos. A virtual keyboard is also available in English4 to shield password entry from keyloggers and screenloggers.
D500S also supports two levels of Read-Only (Write-Protect) modes. Both Admin and User can set a session-based Read-Only mode to protect the drive from malware on untrusted systems. Admin can also set a Global Read-Only mode that sets the drive in Read-Only mode until reset.
It also delivers fast performance without compromising security. The drive includes a unique 8-digit serial number that is the same electronically as the number engraved on the casing, with a scannable bar code for drive deployment or auditing purposes.
D500S offers many customisation options, is TAA/CMMC compliant and is assembled in the USA.
Managed model
Kingston IronKey D500SM (M = Managed) drives require SafeConsole5. This allows central management of drive access and usage across a fleet of drives for larger enterprises or governments. An Optional-Managed version is also offered as a customisation.
Military-grade hardware-encrypted USB drive
FIPS 140-3 Level 3 (Pending) certified XTS-AES 256-bit encryption with secure microprocessor upgrades for stronger security. Built-in protections against BadUSB and brute force attacks. New drive self-tests upon bootup and the detection of over-temperature or voltage conditions leads to drive shutdown.
Multi-password option for data recovery
Enable Admin, User and One-Time Recovery passwords. Admin can reset a User password and enable a One-Time Recovery password to restore User’s access to data if the User password is forgotten.
Complex or Passphrase mode
Select between Complex or Passphrase mode. Passphrases can be complete sentences, multiple words or even lyrics that only you remember – from 10 to 128 characters long. An Eye symbol for all entered passwords helps reduce typos.
Industry-first Dual Hidden Partition option
Admin can create two custom-sized Dual Hidden Partitions for Admin and User for a Hidden File Store to keep data secure and invisible unless properly accessed. Dual Hidden Partitions can provide additional security on untrusted systems or when drive sharing is required.
Crypto-Erase Password for emergencies
The Crypto-Erase password is for emergencies where a data breach is anticipated. It will wipe encryption keys, delete all data forever and reset the drive.
Rugged casing built to toughest Ironkey standards
Zinc casing that is waterproof1, dustproof1, crush-resistant and epoxy-filled for physical tamper-resistant security.
Fully customisable
Enable, disable, modify drive features and profile. Co-logo.
Global and Session Read-Only (write protect) modes
Both Admin and User can set a session-based Read-Only mode to protect the drive from malware on untrusted systems. Admin can also set a Global Read-Only mode that sets the drive in Read-Only mode until reset.
128 GB
USB Type-A
3.2 Gen 1 (3.1 Gen 1)
260 MB/s
190 MB/s
Windows 11, 10, macOS 10.15.x – 13.x, Linux 9 Kernel 4.4+
Cap
Black
Crash proof, Dust resistant, Waterproof
Yes
Yes
IPX8
1.2 m
Yes
256-bit AES-XTS, FIPS 140-3
Yes
Yes
Yes
Yes
Password reset
0 - 50 °C
-20 - 85 °C
Yes
Trade Agreements Act (TAA)
77.9 mm
12 mm
21.9 mm