Storage Effect

DFS-hidden data can be found by Microsoft Vista, Word and Google Desktop

You may be in denial if you think a Deniable File System (DFS) will fully secure your data.  So says Byte and Switch today, based on a study by British Telecom’s Bruce Schneier and a team of researchers from the University of Washington.  They were able to expose DFS-hidden data with Microsoft Vista, Word, and Google desktop.  

Fully ecrypted hard drives are not affected

Don’t worry -  this chink in data security does not apply to drives using Full Disk Encryption (FDE) .

Cool, but encryption is a kindler and gentler way to retire disk drives

Blocks and Files highlighted this very physical solution to a data management problem: how to be sure sensitive data on retired disk drives never again sees the light of day.  It’s a do-it-yourself version of industrial disk crushers.

Verity’s quite excited about the Hard Drive Destroyer, and I know it fills a desperate need.  But it’s not very resource-efficient nor environmentally friendly.  That’s a perfectly good drive!  Can’t someone else use it? 

The renewable alternative: self-encrypting hard drives like the Momentus FDE and BlackArmor.  When it’s time to retire, throw away the AES-grade encryption key, and Poof! - what was once written will never be seen again.  Certifiably so. 

Momentus FDE is a notebook drive. The first enterprise FDE drive will be the Seagate Cheetah 15K .  Stay tuned.

Who’s destroying drives out there?  Anyone willing to admit they’re ignoring this problem and reusing drives?  

Treat your customers’ data like money, or suffer the consequences

Digital content is the new currency.  Want proof?  Substitute ”a pile of cash” for ”data” in the following stories:

• Thieves targeted a security van yesterday and stole confidential data backup tapes.  A new market for Brinks trucks?
• iosafe disk drives keep data safe in a fire or flood. 

How good of a bank vault is your solution?

It’s a new way to think about what you do for your customers.  You are processing and storing your customer’s liquid assets.  Your solutions need to reflect that reality, or you may end up having to help them recover from a nasty surprise.

An alternative to “Old School” bank vaults and security guards for data is encryption.  Seagate’s Maxtor BlackArmor drives are better than a loaded gun in keep thieves out of your stuff.  Without the password, NO ONE can get to your data.  Period.

Who’s had data irretrievably lost or stolen?  How did you recover?

Maxtor Safety Drill automates the complex PC recovery process

No, I’m not going to get all technical. 

I don’t have to, because there’s now an out-of-the-box Bare Metal Restore solution for almost anyone.  Seagate’s Maxtor One Touch external drives have a feature called Safety Drill, a system-level recovery capability that does all the messy work for you. 

Why should you care?  You (or your customer) can now bring a crashed PC back to its original state (image) without getting dirty. 

• No manual rebuilding of files, directories, or software applications piece by piece. 
• No wondering if you remembered everything that was on your PC before it died. 

Reseller Advocate Magazine recently posted a video on how Safety Drill works.

This is a big step forward for backup - and recovery in particular.   Look even smarter with your customers (or family) without having to take another technical how-to class.

Storage is rising in importance for solutions, according to attendees

I’m at the Intel Channel Conference today in Minneapolis.  Looks like 100+ solution providers here.  I’ve been having lots of real-world, thought-provoking conversations. 

Takeaways

• I’m not overstating the sea change in storage requirements for homes and businesses.  For these guys, storage is now on par with processors, networking and software in enabling solutions.
• Data recovery is a growing need.  Solution providers prefer a local option to avoid the “send away and pray” effect.
• SSD is a popular topic, but lots of head nodding when I suggest that the first real killer app will be enterprise, not laptops.
• Notebook augmentation is a growing business for solution providers: buy off the shelf, customize with storage, software, services. 

High performance laptops are in

By the way, 7200 rpm drives look to rapidly ramp in notebooks this year as users look for desktop performance.  Consider getting in ahead of the crowd.  The drives are readily available.

Who’s using 7200 rpm today?  Are your customers asking for it?

FDE will mean less crushing and more re-using of disk drives 

The Minneapolis Star Tribune profiled two local companies that have thriving businesses destroying retired disk drives.  The process is startling similar to the metal crushers used in junk yards. 

If you had any doubt that erasing data from a drive doesn’t really erase it, read this article. 

Video of a drive shredder in action

Seagate will ship about one billion disk drives in the next five years.  Imagine if they all had to be crushed and recycled when they are retired? Or worse yet, thrown in a junk pile somewhere?

An exciting feature of the industry’s new Full Disk Encryption technology is that drives can be erased with absolute certainty by simply deleting a password.  That means that still-functional retired drives can be resold as “gently used” drives. 

Make room next to that used car lot!

FDE is currently available on notebook drives like the Seagate Momentus FDE, and it will be coming soon to servers and storage systems near you.

When you get rid of a drive, do you erase it, crush it, or cross your fingers?  Let me know!

Hardware-based encryption is an important weapon in the defense of data at rest

If the National Security Agency says Seagate’s Momentus FDE self-encrypting hard drive is secure, I don’t need any more convincing. 

It really is a cool drive, with full AES encryption of all data within the drive, all without any slow-down in performance. 

And it can’t be hacked the way software-based PC data encryption schemes can. Just don’t lose your password!  That’s why key management is such an essential part of notebooks using of these drives.

Bonus benefit: you can instantly and thoroughly erase a drive for retiring or repurposing by simply deleting the password.  One-click instant erase!  Nice.

Forbes’ thoughts on the NSA action 

99% of data recovered from a drive in the tragic crash 

It’s amazing and somehow very sad that engineers were able to recover the data from a Seagate disk drive found in the wreckage of the shuttle Columbia. 

When things get tough at work, a colleague of mine is fond of saying “they’re just disk drives.”  This kind of brings that home.

More on the story from Engadget.

Update: more on this story from Blocks and Files.  Dave Reinsel at IDC has written a detailed report as well, accessible to subscribers for a fee.  Intriguing perspectives about the persistence of data in disk drives for good and ill. 

. 

Storage performance specs are so last millenium  

Going by today’s headlines, storage vendors should add a new spec to their data sheets: hackability.

Case in point: yet another theft of reams of customer data, this time in the UK.  Tapes left in a car.

Wired Magazine’s Fetish spread features the Maxtor BlackArmor drive from Seagate.   This is a new kind of extreme storage device.  It’s virtually unhackackable, offering AES encryption encased within the hard drive itself.  So if it gets stolen or lost (does it matter which?), you can sleep secure in the fact that someone else may have your drive, but they don’t have your data.

It’s got a high “eye candy” factor, too - so you can be safe AND cool.

Update: CDW is taking orders for BlackArmor now.

Even best-in-class rebuild times expose data to hours of risk

Blocks and Files points to an Demartek study (sponsored by Pillar) showing that the Pillar Axiom 500 rebuild times are much shorter on high capacity arrays that similar EMC or NetApp systems.

The glaring data beyond Pillar’s performance, though, is the teeth-clenchingly long times that data is one drive failure away from catastrophic loss in every case. 

The tests were conducted with about 50 500GB drives per system using RAID 5 (RAID 4 for NetApp), meaning the arrays can be rebuilt if one drive fails, but not two.  So during the rebuilds of from 3 to 23 hours, if another drive fails, all data is lost. 

Insert 1 TB drives into the equation, and your rebuild time (and vulnerability) doubles.

RAID 6 and other dual-failure protective schemes make this problem go away, but cost a little in capacity. 

How are you dealing with this?  I’ve heard that RAID 6 is gaining traction for 7200 rpm high capacity enterprise drives like Seagate’s Barracuda ES that are less reliable than 15K SAS enterprise drives (see Seagate’s 3.5″ Cheetah and 2.5″ Savvio for reference). 

Does your RAID vary by drive class?  What other magic do you apply to make this work?