Seagate announced availability of the Seagate Secure Self-Encrypting Drive (SED) option across its portfolio of enterprise-class HDDs. This includes the Savvio 15K.2, Savvio 10K.3, Constellation and Cheetah 15K.7 drives.
“Self-Encrypting Drives are one of the easiest, most cost-effective security measures companies can implement,” said Eric Ouellet, vice president at Gartner. “The use of SEDs provides businesses with complete data-at-rest protection against information breaches that can occur in drives and systems that have been repurposed, decommissioned, disposed of, sent for repair, misplaced or stolen. Because all disk media eventually leaves a company’s control, the use of SEDs ensures that data is protected at these critical stages of a system’s life cycle.”
Enterprises of all sizes can experience exposure to costly data breaches. Whether it’s a “smash and grab” drive or complete system theft, IT managers can face lost revenue, market share and customer confidence. Additionally, adherence to government security regulations (e.g. HIPAA) is a concern for IT managers of information-sensitive businesses (e.g. healthcare, banking and insurance). With 50,000 drives and terabytes of data leaving organizations daily, and because 90% of the drives returned for warranty contain readable data, safe drive retirement is a key imperative for businesses worldwide.
In cooperation with Intel and LSI, who are now shipping local key management and 6Gb/s SAS technology with TCG-based security technology within their controllers and server solutions that integrate seamlessly with Seagate
SEDs, VARs and system integrators can build secure solutions that are strong enough for national security, yet easy enough for the one-person IT department to manage.
“Small to medium-sized enterprises can become more vulnerable to the risks of a data breach, a situation that can quickly become catastrophic and costly,” said David Brown, general manager of Channel Server Products at Intel. “Using an Intel server board, such as Intel ® Server Board S5520HC, with a new Intel ® RAID Controller RS2BL080 and Seagate’s Self-Encrypting Drives, allows data-at-rest to be natively secure at the disk drives themselves. This is a smart and easy way to help ensure that intellectual property remains protected.”
“LSI worked closely with Seagate to deliver industry-first support for SEDs on the new 6Gb/s LSI MegaRAID 9200 series controller cards,” said Tom Kodet, manager of Channel Product Marketing, LSI. “MegaRAID controllers with LSI SafeStore Encryption Services for local key management make deploying Seagate SEDs so simple and cost-effective that even small and medium businesses can now afford a government-grade security solution.”
Data-at-rest security using Seagate SEDs provides a range of benefits for protecting an enterprise system’s information when compared to other software and hardware encryption tools. Among them are:
Performance — The encryption engine matches the full interface speed of the drive and therefore drive performance does not suffer. And because each individual drive contains its own encryption engine, there are no bandwidth issues with scalability as your security and storage needs grow with more drives added to the system.
Compatibility — Drive-level full disk encryption (FDE) technology is supported by the security protocol developed through the Trusted Computing Group (TCG), an organization consisting of membership of more than 50 participating companies, including all hard drive manufacturers. Key management standards to insure interoperability are being established via the IEEE 1619.3. All major storage system providers are participating in IEEE 1619.3.
Manageability — Transparent to end user and storage systems, SEDs scale linearly with no bottlenecks or single points of failure. The IT user does not need to escrow the encryption key to maintain data recoverability because the encryption key is held in the drive. This frees the storage administrator from having to schedule and conduct this performance-throttling activity.
Security — SED technology delivers a new standard of security for data-at-rest encryption. Cipher text is never exposed and the drive is locked and inaccessible to anyone without full authorization.