Seagate Leads Effort to Provide Secure Storage

"Seagate has announced it is collaborating in the storage and security industry to extend its hardware-based, Full Disk Encryption (FDE) technology to its entire portfolio of enterprise-class hard drives."

Search News

Official Press Release

Seagate Leads Effort to Provide Secure Storage with Full Disk Encryption for Data Centres

Seagate Technology today announced it is collaborating with others in the storage and security industry to extend its hardware-based, Full Disk Encryption (FDE) technology to its entire portfolio of enterprise-class hard drives. Providing data centre managers with the best possible protection for data-at-rest is a significant advancement for security of the world’s enterprise data centres. The Trusted Computing Group (TCG) is establishing a security protocol for communicating with these self-encrypting hard drives, and the IEEE 1619.3 is creating a key management standard to ensure that this new technology will have interoperability. Among the major storage industry players actively involved are IBM, LSI, and Seagate.

Seagate this week is also demonstrating the performance and security capabilities of enterprise drive-level FDE at Storage Networking World. The demonstrations underscore the value that FDE technology brings to storage system administrators tasked with protecting against breaches of data that can occur in drives and systems that have been repurposed, decommissioned, disposed of, sent for repair, misplaced or stolen.

“Many organisations are considering drive-level security for its simplicity in securing sensitive data through the hardware lifecycle from initial setup, to upgrade transitions and disposal,” said Eric Ouellet, vice president, Secure Business Enablement, Gartner. “Drive disposal in particular has always been one of the most challenging elements of the data security lifecycle. Even with secure disposal processes in place, misplacement, mislabeling and theft still do occur which can result in significant losses, penalties and fines. Eliminating the risk of compromise from the source is one approach that can significantly reduce the complexity of managing sensitive data.”

Benefits of Drive Level FDE in the Enterprise
Many organisations, including storage vendors IBM and LSI, who have closely evaluated how encryption in the data centre can best be done to guarantee performance, manageability, security and compatibility while minimising complexity, have concluded that encryption belongs on the disk. Acting in its interests to secure U.S. Government data, the National Security Agency (NSA) has also identified this as a desirable solution.

“The need for enterprise administrators today to be sure that all corporate data is secure across the infrastructure is becoming an increasing priority,” said Barry Rudolph, vice president of Disk Storage Solutions, IBM. “Natively securing data at rest within the disk drives is the next step in the evolution of securing storage media that physically leave the secure confines of the datacentre, and we look forward to collaborating with Seagate and utilising our industry leading key management and security solutions to enable drive level full disk encryption across the enterprise.”

“Data-at-rest encryption is an important topic in the industry,” said president and CEO Abhi Talwalkar, LSI Corporation. “Although it can be implemented through many techniques, the preferred implementation method for external systems is through encryption at the HDD level. LSI is pleased to be working with other industry leaders and standards organisations to develop and deliver the most effective, standards-based encryption technology in the market.”

Drive-level FDE security provides a range of superior benefits for protecting an enterprise system’s data-at-rest when compared to current software and hardware encryption tools. Among them are:

Performance — Because the encryption engine is in the disk drive’s controller ASIC and matches the drive’s maximum port speed, encryption won’t slow a system down. And because it is in the drive itself, its performance automatically scales every time storage is added in the data centre. With FDE at the drive level, performance problems are solved because the encryption functions are done automatically, at full interface speed, within each and every drive in the system.

Compatibility — Drive-level FDE technology is supported by the security protocol developed through the TCG, an organisation consisting of membership of more than 50 participating companies, including all hard drive manufacturers. Key management standards to insure interoperability are being established via the IEEE 1619.3. All major storage system providers are participating in IEEE 1619.3.

Manageability — The IT user does not need to escrow the encryption key to maintain data recoverability because the encryption key is in the drive. There is less of a need to decrypt and re-encrypt the data to maintain security, because the encryption key does not leave the drive. This frees the storage administrator from having to schedule and conduct this performance throttling activity.

Security — This self-encrypting drive technology delivers a new standard of security for data-at-rest encryption. Cipher text is never exposed. There are no clear text secrets anywhere on the drive, and an attacker is assumed to have complete knowledge of the secrets’ design and location. The drive can self power down after a predefined number of authentication attempts. Access control credentials are separate from the encryption key. An attacker cannot alter the firmware – firmware downloads are protected. Seagate has put no back doors in the drive. In fact, the drive is locked and inaccessible to anyone without full authorization.

“The fact that the NSA has been such a strong supporter and active participant in the TCG’s efforts around standards for device-level FDE speaks volumes,” said Bill Watkins, Seagate CEO. “We’ve listened very carefully to their advice and requests, worked closely with others in the TCG organisation, and we’re excited about the opportunity to deliver on this new technology collaborating with industry leaders such as IBM and LSI. It feels good to play a major role in solving a very real problem for IT end users for improved enterprise security.”

Seagate plans to deliver enterprise-class drives with FDE to customers in 2008. For more information about Seagate and its own family of security solutions, visit www.seagate.com/security .

Nice move Seagate; a definite step in the right direction to ensure privacy and ease of use for Administrators.

Discuss in our forum
«Prev 1 Next»

Most Recent Comments

18-10-2007, 08:00:49

duke
Built up this system for my housemate who wanted some beef for close to £500

Spec:

ASUS P5B Socket 775
Intel Core 2 Duo E6320
2GB Corsair DDR2 800MHz/PC2-6400 XMS2
Zalman CNPS9500 CPU Cooler
WD5000AAKS 500GB SATAII
GeForce 7600 GS 256MB DDR2 PCI-E
Black/Silver Wizard Budget Case
Vista Home Premium x64

He doesn't really play games on it and mainly needs it for video editing and the like so I haven't really gone to town and got anything amazing, although its definately got some grunt behind it!

Biiiiiig 25cm case intake fan for maximum cold air overload :D surprisingly silent
[IMG]http://img155.imageshack.us/img155/6255/dsc01188th3.jpg[/IMG]

Front view to show those flappy bits that a lot of cases seem to have these days:
[IMG]http://img91.imageshack.us/img91/1395/dsc01189lm0.jpg[/IMG]

Zalman CPU fan, one of the best air cooling solutions available (imo):
[IMG]http://img140.imageshack.us/img140/9192/dsc01191xa9.jpg[/IMG]

Overall pic, with the front USB cables unplugged for some reason:
[IMG]http://img140.imageshack.us/img140/94/dsc01192cy2.jpg[/IMG]

18-10-2007, 08:40:00

Yeungster
Nice. How come you opted for Vista x64?
Not saying there's anything wrong with it, but will your flat mate have issues with his video editing software / hardware?

18-10-2007, 09:03:21

duke
Fair point, although Premier Pro CS3 natively supports Vista. The only hardware he really uses is his camera, which has FireWire 1394 connectivity. I don't believe he will run into any problems when using this either. Unless you know something I don't? ;)

18-10-2007, 14:11:58

!TIMMY!
I like the 25cm fan! Its massive!

28-10-2007, 09:39:10

maz1989
probably wont be any problems but cs3 was designed for windows 32bit edition..

28-10-2007, 15:40:25

duke
yeah true, though its all up and running now! :)

While Adobe Creative Suite 3 software is natively 32-bit, these applications will run on 64-bit versions of Windows Vista

28-10-2007, 16:46:58

maz1989
:o cs3 works fine on vista 64? wat about xp64?

i really wanna buy a new pc with 4gb of ram for editing and a q6600, not sure whether to wait for the quad penryn's tho.
Reply
x

Register for the OC3D Newsletter

Subscribing to the OC3D newsletter will keep you up-to-date on the latest technology reviews, competitions and goings-on at Overclock3D. We won't share your email address with ANYONE, and we will only email you with updates on site news, reviews, and competitions and you can unsubscribe easily at any time.

Simply enter your name and email address into the box below and be sure to click on the links in the confirmation emails that will arrive in your e-mail shortly after to complete the registration.

If you run into any problems, just drop us a message on the forums.