Security

The “evil maid” hack can’t touch self-encrypting drives

There’s a new chink in the armor of software-based drive encryption – the Evil Maid Hack.  Privacy Digest explains how it works.

Just like hacks before it (remember Cold Boot?), the Evil Maid doesn’t work on self-encrypting hard drives like those from Seagate.  That’s because encryption is hard-wired into the drive and automatically locks it when power is removed.  Nothing on the drive, including the bootcode, can be accessed without the user’s password.

The Evil Maid would be staring at a password entry screen, cursing away, unable to see let alone change the bootcode.

You can close this gap – in laptops, servers or storage systems – with self-encrypting versions of Seagate Momentus, Savvio, Cheetah, and Constellation drives.

The National Archives lose a terabyte drive filled with sensitive data

The National Archives lost a terabyte disk drive filled with sensitive data from the Clinton administration, including Social Security numbers and Secret Service procedures.

Had this data been on a self-encrypting drive, we would not have heard of its loss.  That’s because the data would never have been at risk. 

Assuming the data was saved somewhere else, there would be no need to find the drive, no need to change procedures, no need to notify Al Gore and his daughter that her SSN is now “out there”. 

Data on a lost self-encrypted drive remains as safe as any other data.

The government should mandate self-encrypting disk drives for all sensitive data, even for all government storage. For that matter, our economy would benefit greatly were all businesses required to encrypt their sensitive data.

Seagate Momentus arms Mobile Armor for military-grade data security


Mobile Armor provides data protection solutions for the U.S. military and other risk-averse data users. 

The military uses PCs as much as or more than any organization, of course.  As you can imagine, preventing data loss, especially the “I wonder who saw it?” kinds of losses, is high on their list of requirements.

Seagate is a part of Mobile Armor’s Full-Disk Encryption (FDE) solutions.  Seagate’s Momentus self-encrypting disk drives look and act like normal laptop drives, unless you’re an unauthorized user.

Secure notebook PCs are becoming more and more common.  An IT guy at a bank told me last week that all of their new notebooks are secure PCs including self-encrypting drives. To him, it is a no-brainer requirement for any bank.

The secure drive is at the heart of secure PCs, but the password management solution around it – like Mobile Armor’s – is just as important.  With industrial-strength data security like this, losing passwords is tantamount to losing the data.

The biggest data breach yet?

Heartland Payment Systems disclosed a data breach that could eclipse the current record set by TJX in January 2007.

While not specifying the number of records that were compromised, Heartland’s systems were exposed for some period of time in 2008.  Heartland processes more than 100 million card transactions a month.

According to Computerworld, what may be more ominous is that cybercrooks are adding transaction processors to their typical target list of individual retail companies.

This is another example of the pressing need for comprehensive data security measures, including self-encrypting disk drives.

Encryption management across Mac and Windows


A few weeks after the disk drive community published encryption standards, self-encrypting disk drives take another step towards broad enterprise adoption: WinMagic announced that SecureDoc now manages encryption keys across Mac and Windows PCs.

The ability to manage encryption passwords and recovery across all of an organization’s PCs is a requirement to fully implement disk encryption.  This is critical because self-encrypting drives are so secure that a lost password means unrecoverable data.

The encryption stimulus plan

Source: creditloan.com


A fellow employee once asked me, “Why isn’t it illegal for companies to use non-encrypted drives in business computers?”

Set aside the logistical issues, and that’s a really good question. Day after day we read about exposed personal data, both lost and stolen. Beyond the personal intrusion, data loss is very expensive for companies.  According to  the Identity Theft Resources Center in San Diego:

  • Documented data breaches have risen by over 40% a year since 2006
  • It can cost a business $90,000 or more to recover from a lost laptop and its data 
  • Lost or stolen equipment accounts for more of these breaches than any other cause – about 20%

Jon Oltsik at CNET proposes a mandate for 100% encrypted disk drives in all Government equipment. He makes a compelling argument!

But why stop there?  Mandating encryption for all business data would increase investment in the technology sector as the encrypted infrastructure is built out. Companies would drastically reduce their exposure to the costs and risks related to being front page news due to exposed customer data.  More jobs, more efficient companies, technological advances, all that good stuff.

Not to mention we would all feel safer.

The Government could get the ball rolling with loans or other help to defer the upfront costs for some businesses.  The initial investment would pay for itself over time in reduced costs for businesses to protect ever more sensitive data from theft or loss – not to mention the costs of cleaning up the mess after data is compromised.   

Can you think of a better way for the Government to use their influence on our industry to create technology jobs, enhance the information infrastructure and reduce business costs? I’m all ears.

The world’s eight best encrypted drives


PCWorld’s, that is.  They reviewed a gaggle of encrypted drives in the March issue.  Seagate’s BlackArmor came out on top with a score of 93 out of 100.

A summary of the eight products studied. 

Their observations on encrypted drives in general:

  • Hardware-encrypted drives offer a performance boost over encryption that relies on software running on Windows.
  • Encryption is far simpler with today’s crop of encrypted devices.
  • Encrypted drives eliminate a lot of security worries, but they can’t prevent careless behavior.

It’s not so much a performance boost as a lack of any slowdown due to encryption.  It happens 100% in hardware, at line speeds.

HP, IBM and EMC lead the way to universal encryption


Encryption took a big step towards ubiquity across IT with a proposal from the leaders of the IT hardware industry last week. 

HP, IBM and EMC’s RSA Security, along with Seagate, Thales Group, Brocade and LSI Corp, submitted a new standard that will pave the way for servers, storage systems, networking gear, tape and disk drives -  even notebooks – to use a common encryption key management system.

Boring backroom stuff to some.  But a standard like this can do for data security what the standard rail gauge did for transportation in the 19th Century.

Seagate Constellation is much more than 2 TB

There has been a lot of coverage of Seagate’s new Constellation family of enterprise disk drives, mostly leading with something about 2 TB.  While the 2 TB capacity is newsworthy, Constellation is a much bigger deal than that capacity milestone. 

Chris Mellor caught a glimpse of it. (UPDATE: fixed the broken Chris Mellor link.  Thanks Chris Evans!)  Here’s my take:

  1. The first 2 TB enterprise drive.  You know that already. 
  2. The first 500 GB enterprise 2.5″ high capacity drive.  This is game-changing.  For the first time, 2.5″ storage systems have a capacity-optimized drive that lets them compete with 3.5″ systems on overall cost/GB.  As server makers know, the power savings from switching to the 2.5″ drive format dwarf the incremental power improvements possible at 3.5″ from any vendor.
  3. The most power efficient enterprise drives available. The Power Choice feature allows system makers to actively manage power at each drive.  Most drives are idle most of the time in most applications.  Why keep them spinning?  Unlike other vendors’ Green schemes, this can be done without sacrificing performance.
  4. All-SAS storage systems and servers.  Constellation comes in SATA flavors of course, but also SAS.  For the first time, storage and server makers have a full complement of SAS drives: 3.5″ performance (Cheetah), 3.5″ capacity (Constellation ES), 2.5″ performance (Savvio), 2.5″ capacity (Constellation).  The door has opened to fully leverage the system-level value of SAS whatever the application. 
  5. Universal enterprise encryption. Constellation drives are self-encrypting drives (SED – previously known as Full Disk Encryption). Coupled with encryption capabilities in Cheetah and Savvio drives, core drive-level encryption will be able to be implemented across the enterprise.  This has huge implications as data centers are being driven to get their arms around data security gaps.

Dell and other OEMs get it. I’d love to hear from other system builders and users.  What does Constellation make possible for you?  What would you like to see from Constellation that you don’t today?

Storage encryption will be as common as seat belts


Yesterday the top six disk drive manufacturers (essentially all of them) published final specifications for common full-device encryption standards through the Trusted Computing Group.  This opens the door for a world where storage devices with encryption are as common as automobiles with seat belts.  Encryption will become part of the definition of what a storage device is. 

Media independent

The new standards are just as applicable to an SSD as a disk drive.  This is important because enterprise systems will increasingly combine different storage media types within storage systems and even within devices – as well as a small but growing set of flash-based notebook PCs.

Application independent

The new standards cover storage in consumer and office desktop PCs and notebooks as well as data center servers and storage systems.

Just like seat belts, expect to see mandates for businesses to use fully-encrypted storage in the future to help deal with the growing stream of sieve-like data thefts and losses across the business landscape.  It’s already the law for parts of  the Government sector. 

Who’s using encrypted storage devices today?  Are you required to by law?  Let us know.