Entries tagged as ‘FDE’
Solving the “data on the loose” problem starts with safer loose data
Despite an almost daily cadence of news stories about exposed customer data, most IT departments seem resigned to the fact that their number might be called. It’s just fate, right? What are they supposed to do – ban thumb drives? Restrict notebook PCs to the office?
New products from Dell, Seagate and others are finally providing realistic solutions. For a small premium to standard notebooks and mobile storage devices, companies can now make their employees data loss-proof with self-encrypted disk drive technology like Seagate’s Seagate Secure.
Blesssed by the NSA
These notebooks and portable drives can still be lost or stolen, but the data is 100% protected with government-grade 128-bit AES encryption. The incident remains an inconvenient hassle rather than a newspaper headline.
Even the NSA has given this technology a thumbs-up.
Unlike software solutions, the disk drives in these products are encrypted automatically so employees can’t turn it off or forget to turn it on. There is no performance penalty. Laptop passwords can be centrally managed with McAfee’s ePolicy Orchestrator and other vendors’ products.
While mobile encryption doesn’t plug every hole in your defenses (malicious or misguided workers, for instance), it does provide a foundation of security that you can build upon.
Let’s hear from users (or panners) of this technology – what do you think?
Categories: Random
Tagged: BlackArmor, employee mobility, encryption, ePO, ePolicy Orchestrator, FDE, McAfee, Momentus FDE, National Security Agency, NSA, Seagate Secure, security, SED
McAfee ePolicy Orchestrator adds self-encrypting PC drives to its bag of security tricks
There’s a security industry axiom that says “It’s better to place the guard next to the jewels.” With McAfeee’s latest move, it looks like the information security industry is taking that to heart by bringing self-encrypting disk drives (SED) into the mainstream mix of security infrastructure elements.
Unlike software-based encryption, SED drives like Seagate’s Momentus FDE drives encrypt everything written to a drive, at the drive. This takes away potential ‘back doors’ or access points to PC data and encrypts at full speed. It makes encryption hackproof and “free” from a performance and individual PC management standpoint.
What’s been lacking are the hooks in some enterprise management tools like McAfee’s ePolicy Orchestrator (ePO) that simplify management of self-encrypting PCs. Wave Systems, SECUDE International and others already support Momentus SED.
McAfee’s announcement makes SED an easy-to-add security tool for a much broader market. Expect rapid growth in SED as more companies place more guards next to their digital crown jewels.
Categories: Data Security · Laptop PC
Tagged: encryption, ePO, ePolicy Orchestrator, FDE, McAfee, Momentus, notebook, Seagate, SECUDE, security, SED, self-encrypting drives, Wave Systems
Take the Oops factor out of the security equation with mobile encryption
The UK government’s data security woes continue, the latest a misplaced USB stick containing detailed data on 10,000 serious offenders -and all 84,000 prisoners in England. Home Secretary Jacqui Smith, in charge of UK prisons, is the Embarrassed Minister of the Month when it comes to UK data security.
Of course there will be lots of hand-wringing about this persistent trend. The reality is that while processes can be improved, people will be people; stuff happens.
Encryption makes lost drives no-news events
Mandate fully encrypted mobile storage like Seagate BlackArmor and the UK government will at least “oops” proof data on the move.
Categories: Data Security
Tagged: BlackArmor, Data Security, encryption, FDE, prisoners, UK government
DFS-hidden data can be found by Microsoft Vista, Word and Google Desktop
You may be in denial if you think a Deniable File System (DFS) will fully secure your data. So says Byte and Switch today, based on a study by British Telecom’s Bruce Schneier and a team of researchers from the University of Washington. They were able to expose DFS-hidden data with Microsoft Vista, Word, and Google desktop.
Fully ecrypted hard drives are not affected
Don’t worry - this chink in data security does not apply to drives using Full Disk Encryption (FDE) .
Categories: Data Security
Tagged: British Telecom, Bruce Schneier, deniable file system, DFS, FDE, full disk encryption, University of Washington
Cool, but encryption is a kindler and gentler way to retire disk drives
Blocks and Files highlighted this very physical solution to a data management problem: how to be sure sensitive data on retired disk drives never again sees the light of day. It’s a do-it-yourself version of industrial disk crushers.
Verity’s quite excited about the Hard Drive Destroyer, and I know it fills a desperate need. But it’s not very resource-efficient nor environmentally friendly. That’s a perfectly good drive! Can’t someone else use it?
The renewable alternative: self-encrypting hard drives like the Momentus FDE and BlackArmor. When it’s time to retire, throw away the AES-grade encryption key, and Poof! - what was once written will never be seen again. Certifiably so.
Momentus FDE is a notebook drive. The first enterprise FDE drive will be the Seagate Cheetah 15K . Stay tuned.
Who’s destroying drives out there? Anyone willing to admit they’re ignoring this problem and reusing drives?
Categories: Data Security · Digital Home · Laptop PC
Tagged: 15K, BlackArmor, Cheetah, FDE, Hard Drive Destroyer, Momentus, Verity
FDE will mean less crushing and more re-using of disk drives
The Minneapolis Star Tribune profiled two local companies that have thriving businesses destroying retired disk drives. The process is startling similar to the metal crushers used in junk yards.
If you had any doubt that erasing data from a drive doesn’t really erase it, read this article.
Video of a drive shredder in action
Seagate will ship about one billion disk drives in the next five years. Imagine if they all had to be crushed and recycled when they are retired? Or worse yet, thrown in a junk pile somewhere?
An exciting feature of the industry’s new Full Disk Encryption technology is that drives can be erased with absolute certainty by simply deleting a password. That means that still-functional retired drives can be resold as “gently used” drives.
Make room next to that used car lot!
FDE is currently available on notebook drives like the Seagate Momentus FDE, and it will be coming soon to servers and storage systems near you.
When you get rid of a drive, do you erase it, crush it, or cross your fingers? Let me know!
Categories: Data Security
Tagged: Asset Recovery Corp, Data Security, FDE, full disk encryption, Shred It, Star Tribune
Hardware-based encryption is an important weapon in the defense of data at rest
If the National Security Agency says Seagate’s Momentus FDE self-encrypting hard drive is secure, I don’t need any more convincing.
It really is a cool drive, with full AES encryption of all data within the drive, all without any slow-down in performance.
And it can’t be hacked the way software-based PC data encryption schemes can. Just don’t lose your password! That’s why key management is such an essential part of notebooks using of these drives.
Bonus benefit: you can instantly and thoroughly erase a drive for retiring or repurposing by simply deleting the password. One-click instant erase! Nice.
Forbes’ thoughts on the NSA action
Categories: Data Security · Laptop PC
Tagged: FDE, full disk encryption, Momentus, National Security Agency, NSA
Digital Rights Management requires rock-solid data security in the infrastructure
Atrato’s been making waves with their innovative approach to performance for content serving applications. Now they’ve announced that they are working with Seagate to add full disk encryption (FDE) to provide compelling data security to the solution.
Secure data is a clear need for customers in the business of content distribution. Their product is basically bits and bytes. Without bullet-proof security, these guys risk a “pay if you want to” message to this developing market.
The rules of engagement for Digital Rights Management are still taking shape. Atrato’s capabilities will be a valuable tool for those trying to influence the future to carve out a profitable and sustainable business model in this space.
Comments? Is this a killer product for media companies or just interesting technology?
Categories: Company Profiles · Data Security · Digital Home · Industry trends
Tagged: Atrato, content management, digital rights management, DRM, FDE, Seagate, Seagate Secure, security
Destroying data can be as important as creating it
How much time do you spend talking with your customers about what to do with their solutions when they are done with them? Maybe you should rethink your priorities.
According to Seagate, 50,000 enterprise drives are retired every year. In this age of highly proprietary business data and hyper-sensitive customer records, destroying information can be as important as creating it. How do businesses guarantee that data is completely removed from retired servers and storage – and PCs ?
Seagate, IBM and LSI have taken a step towards making this incredibly simple and inexpensive. With Seagate’s Cheetah 15K.6 FDE drive, available this summer, data can be made to disappear forever from retired server and storage drives with a single command.
This technology already exists for notebook PCs. In all cases, make sure proper password management procedures are in place before implementing these drives. Once the key is lost or erased, the data is gone forever.
More from Seagate on secure storage here.
Anyone out there using FDE in notebooks today? How is it working for you?
Categories: Data Security · Datacenter · Servers · Storage Systems
Tagged: Cheetah 15K, disk drives, FDE, IBM, LSI, retire, Seagate
Full Disk Encryption is the elegant solution to elaborately hacked passwords
Engadget has recently raised the alarm over gaps in software-based encryption security. First, they reported that keys can be recovered from DRAM with a complex but possible process. Next, they pointed out that thumb drives could be used in a simpler variation of the technique.
Good news: you can close this gap with a hard drive with Full Disc Encryption (FDE), like the Momentus 5400 FDE.
-
The cryptographic key never leaves the hard drive
-
It’s stored on an ASIC in the hard drive with no probe points
-
Any attempt to remove the ASIC from the drive package locks the drive and cuts power to the chip, erasing its memory
For those serious about security, stop messing with bandaids and lock it down tight. Here’s a more detailed description of this.
I’ve posted several times on data security and encryption issues.
Categories: Data Security · Laptop PC
Tagged: 5400, engadget, FDE, full disk encryption, hard drive, Momentus, security, thumb drive
