Hard drive maker brings encryption to device level

A new hardware-based encryption technology from Seagate Technology could become standard in a few years as a means to combat data theft from stolen or lost laptops.

Dubbed DriveTrust Technology, encryption is integrated directly into the drive itself. Most other encryption technologies reside in a separate application or as part of the operating system. The technology had been available for the DV35 series hard drives that Seagate makes for digital recorders, but not in a PC-based system. The first Seagate laptop hard drive to feature the technology will be the Momentus 5400 FDE.2.

“This will be the first time anyone’s ever baked an (encryption) chip right into the drive,” said Seagate spokesman Michael Hall.

“The encryption keys for this drive are hidden in what we call secure partitions. If you take, for instance, a 200 GB drive, about 10 per cent of that storage is unaddressable by outside resources. We store the encryption keys in that hidden space so that none of the other resources in the computer can get to it. With software encryption, you have the keys floating around in the OS,” explained Hall.

The password-based system prompts the user at boot to unlock the drive. The drive also allows an administrator to add other security-based applications to the drive such as organization-wide encryption key management or multi-factor authentication.

A hardware-based encryption system has been thought possible for a long time now but complexity may have delayed its appearance in a product, said Brian O’Higgins, CTO of Third Brigade, a security software provider based in Ottawa.

“You knew they were coming five years ago, it’s just taken them a long time to get to the market. Whenever you talk about encryption, there’s always a lot of complexity about it. It’s all about managing the keys. You need a proper standard,” he said.

Hardware security solutions aren’t completely unheard of. A non-software approach has been developed before, said O’Higgins, but typically on a PC motherboard or as a data centre solution across multiple hard drives.

He said that it will probably be only a year or two before encrypted laptop hard drives become commonplace, particular if a manufacturer the size of Seagate is backing the technology.

Charles Kolodgy, research director of security products for IDC, agreed that this approach to encryption will likely become a standard, particularly for enterprise laptops.

“We’re beginning to see a greater interest in data encryption, I think. Even this year, you had a lot of personal records that were lost over the network, but many, many more were lost from laptops,” said Kolodgy.

He warned that “given unlimited time and unlimited resources, you can break anything,” but a locked down hard drive would deter all but the most persistent data thieves.

But under some circumstances, that level of encryption could complicate matters for the user as well, argued Bill Margeson, CEO of CBL Data Recovery Technologies, based in Markham, Ont.

If a disk becomes damaged, for example, encryption can complicate the recovery process, he said.

“With about 25 per cent of what we see, the media, for various reasons becomes damaged throughout the platter surface. This really complicates getting intelligible data back. The decryption doesn’t have enough to work with,” he explained. “It does add another layer of complexity.”

Margeson said that software-based encryption solutions are commonly available to lock down disk drives, but tend to be underutilized by OEMs due to lack of interest. However, he acknowledged there are populations of users that desire added security. “I guess there will be a need, in the right place.”

Seagate is marketing its drive as a means for organizations to meet compliance regulations such as the Health Insurance Portability and Accountability Act (HIPAA) in the U.S. In Canada, the technology would be most applicable to the Personal Information Protection and Electronic Documents Act (PIPEDA) which governs the way information belonging to private citizens is collected and utilized by organizations. It also governs the number of years that information can be kept on file.

According to Seagate, its DriveTrust Technology can erase a drive instantly, allowing information to be safely destroyed. The company is promoting the technology as a means to handle hardware lifecycle management.

Hall said the drives will ship early next year. Seagate is currently in talks with several laptop OEMs, he said, but no agreements have been finalized yet.

Comment: [email protected]

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs