Apr 07, 2008
“The data breaches widely reported in the media generally focus on stolen laptops and PCs, but people forget about the staggering amount of information leaving the data center daily,” said Sherman Black, senior vice president and general manager, Seagate Enterprise Compute Business. “Equipment and systems with hard drives inside are continuously being retired, relocated or repaired and there’s often little thought given to properly disposing of the data they contain before they leave the data center. A recent investigation showed that 50% of the drives returned for servicing by customers contained readable sectors. If you assume that an average system’s lifecycle is three to five years that suggests that more than 50 thousand enterprise drives are leaving data centers daily worldwide. If only half of those hard drives are readable, that’s at least 2,500TB per day of exposed data available in the open market. The increasing flow of exposed sensitive data ought to be a serious concern to CIO’s everywhere.”
Compared to other encryption technologies, self-encryption within the hard drive brings significant performance, management, and security benefits for users. Since the encryption engine is in the drive’s controller ASIC, encryption is transparently fast and performance automatically scales with every drive added to a data center. Because there is no performance cost associated with encrypting more data, there is no need to make fine-grained decisions as to what data to protect – which can eliminate the need for data classification. Self-encryption requires no change to the OS, applications, or databases. Instantaneous Key-Erase technology, a standard on all Seagate FDE hard drives, facilitates quick and secure removal, whether for repurposing, returning for service, or disposal.
Leading analysts, standards bodies, and major storage providers have closely evaluated and concluded that self-encrypting drives deliver critical benefits for data center information security.
“Many organizations are considering drive-level security for its simplicity in helping secure sensitive data through the hardware lifecycle from initial setup, to upgrade transitions and disposal,” said Eric Ouellet, research vice president, Secure Business Enablement, Gartner. “Hard drive disposal in particular has always been one of the most challenging elements of the data security lifecycle. Even with secure disposal processes in place, misplacement, mislabeling and theft still do occur which can result in significant losses, possible penalties and fines. Eliminating the risk of compromise from the source is one approach that can significantly reduce the complexity of managing sensitive data.”
“Enterprise customers today, especially in the financial services sector, have a keen interest in protecting data-at-rest. Natively securing data in the storage drive without any system performance degradation is the next frontier in truly securing data and storage media that eventually leaves the data center,” said Robert Cancilla, vice president of Disk Systems, IBM. “Introduced over a year ago, IBM’s self encrypting tape solutions, featuring key management software, continue to address this security priority without the traditional impact to I/O performance, while simplifying encryption key management. We’re excited about working with Seagate to bring this model to our disk offerings.”
“With the continued headlines about data breaches and emerging government mandates, the need for data-at-rest encryption has come front and center,” said Phil Bullinger, executive vice president, Engenio Storage Group, LSI. “By encrypting at the drive level, users can potentially eliminate application impact and reduce worry about drives being lost, stolen or repurposed. LSI is pleased to be working with other industry leaders to drive critical developments in standards-based encryption technology.”
Trusted Computing Group:
“Full drive encryption enabled in hardware and based on the open standards created by the Trusted Computing Group with Seagate’s leadership can give administrators and users confidence that data will be encrypted quickly, easily and always,” noted Brian Berger, Trusted Computing Group marketing work group chair. “As demonstrated by the rapidly increasing number of lost, stolen or hacked drives, encryption in hardware really is the most effective solution to help ensure the security of at-rest mission-critical information. Otherwise, corporations potentially face millions or worse in government fines, lost business, lost goodwill and undermining of other corporate relationships.”
As a complementary solution for data protection of non-encrypted drives that leave the data center, the Seagate Recovery Services division recently announced its Data Erasure suite of products that utilize a series of advanced, defense-industry rated and approved algorithms to completely and permanently erase all data from a disk drive to ensure that proprietary and sensitive information does not get into the wrong hands. For more information, please contact a Seagate Recovery Services expert at 800-475-0143 or visit http://services.seagate.com/srs.
Details about the Cheetah 15K.6 FDE Family of Hard Drives
Available in capacities of 450GB, 300GB, and 147GB, the Cheetah 15K.6 family includes Seagate PowerTrim technology which dynamically optimizes drive power consumption at all levels of activity. The Cheetah 15K.6 FDE family offers the highest 3.5-inch hard drive reliability in the industry at 1.6 million hours MTBF (0.55% AFR), a choice of Serial Attached SCSI (SAS) or Fibre Channel (FC) interfaces, and a five-year limited warranty. The Cheetah 15K.6 FDE drive is shipping to OEM suppliers this quarter.
Encryption Technology at RSA
Seagate will be conducting a number of demonstrations at the RSA Conference this week (booth #1448) to showcase its enterprise, notebook, and external hard drive solutions. In addition, Seagate has teamed with Wave Systems (booth #728) and the Trusted Computing Group (booth #2723) to jointly conduct client and server demonstrations. For more information about the RSA Conference program, visit: http://www.rsaconference.com/2008/US/home.aspx
Details on FDE security in whitepapers, podcasts, and webcasts can be found at: www.fdeSecurityLeaders.com.
Seagate is the worldwide leader in the design, manufacture and marketing of hard disc drives and storage solutions, providing products for a wide-range of applications, including Enterprise, Desktop, Mobile Computing, Consumer Electronics and Branded Solutions. Seagate’s business model leverages technology leadership and world-class manufacturing to deliver industry-leading innovation and quality to its global customers, with the goal of being the time-to-market leader in all markets in which it participates. The company is committed to providing award-winning products, customer support and reliability to meet the world’s growing demand for information storage. Seagate can be found around the globe and at http://www.seagate.com.
Seagate, Seagate Technology and the Wave logo are registered trademarks of Seagate Technology LLC in the United States and/or other countries. Cheetah, Key-Erase and PowerTrim are either trademarks or registered trademarks of Seagate Technology LLC or one of its affiliated companies in the United States and/or other countries. All other trademarks or registered trademarks are the property of their respective owners. When referring to hard drive capacity, one gigabyte, or GB, equals one billion bytes and one terabyte, or TB, equals one trillion bytes. Your computer’s operating system may use a different standard of measurement and report a lower capacity. In addition, some of the listed capacity is used for formatting and other functions, and thus will not be available for data storage. Quantitative usage examples for various applications are for illustrative purposes. Actual quantities will vary based on various factors, including file size, file format, features and application software. Seagate reserves the right to change, without notice, product offerings or specifications.