Data security has become a hot issue among IT decision makers recently. Particularly as the cloud is entrusted with mission-critical resources, executives want some assurances that their data will be protected. For data centre operators, lax security can represent a significant burden that increases total cost of ownership (TCO) in the form of fines and customer cancellations.
Storage devices currently in operation hold significant amounts of sensitive information, and an estimated 50,000 drives leave data centres on a daily basis. The South Carolina Department of Revenue, for example, recently learned a harsh lesson about the risk of storing vast volumes of data when it suffered a breach compromising 3.6 million personal records. As USAToday reported, this included tax return information from 650,000 businesses, and even if hackers utilised only 1% of the data, it could mean US$338 million in losses. This may be an extreme example, and not every data breach is going to be as catastrophic. But the risk is very real for data centre operators as their hardware stores an ever-growing digital payload.
Barriers to encryption
There are two significant barriers preventing many businesses from implementing full-disk encryption (FDE). As FierceCIO editor Paul Mah noted, encryption can be both expensive and difficult to implement. The limited availability and time requirement to deploy most software solutions make them unlikely candidates for enterprise-grade FDE use.
Another factor raising the degree of difficulty in data protection is that many software solutions struggle to integrate with existing software, leading to incomplete encryption or decryption of some files.
Despite the challenges and cost, the risk of not having encryption in place is significant for most businesses these days. As Mah noted, the loss of a single laptop can result in thousands of compromised records. When that risk is scaled out to the volumes of information stored in the average data centre, it is far too great to ignore the threat of a potential breach.
Businesses need better data protection
There are a number of reasons data security frameworks may be lacking. Today's technology ecosystem is complex, and deploying effective security solutions can be both time consuming and financially intensive without the proper tools. In many cases, it is simply a matter of lacking clear information security policies to dictate how and which data should be protected.
Seagate Self-Encrypting Drive technology is designed to streamline the process so that much of the operational pain is removed. However, it is important to note that a comprehensive data protection framework incorporates more than a single technology. SED allows businesses to safely protect data at rest, but should not replace other encryption solutions entirely. For example, an attacker who exploits a server that has access to an unlocked drive will be able to view stored data. To protect against this type of threat, device owners generally use file system encryption, but software-based solutions are not feasible for larger volumes because they put extra strain on the system's processor. This means operators must prioritise which data to encrypt and focus on highest risk threats.
As may be imagined, this can leave a significant amount of information vulnerable once a storage device leaves the operator's control. SED relies on the device itself to perform full-disk encryption, so security can be achieved without the associated performance loss that often comes with software-based technology. This also eliminates the need to prioritise data for encryption, further reducing TCO by increasing efficiency for the operator as well as the technology itself.