Let’s take a quick look at the options for security of a USB Token. Perhaps the most important thing to determine is whether the token is a flash drive that operates as a regular hard drive or an authentication device that basically has the same insides as a smartcard. After that, you can have:

• strong authentication via biometric (fingerprint is most popular)
• encrypted file system
• programs that install with the driver to install a virtual machine window and contain activity
• programs that kickoff a scan of the host system
• programs that protect against keyloggers by re-routing the keystrokes to the appropriate window
• programs to erase all traces of the drive after it is removed

On the host side of the USB equation, there are a handful of solutions that can 1) delineate between a flash drive and some other USB device; 2) monitor the data that is being shared with the drive; 3) block access based on device identity (and possibly other attributes).