Industry finally gets the message on security
Seagate is to build automatic encryption into all its enterprise hard drives, the company announced at Storage Expo 2007 in London.
All enterprise drives will be fitted with Seagate's Full Disk Encryption (FDE) as standard.
The Trusted Computing Group (TCG) is designing a security protocol for the drives, and the IEEE 1619.3 Key Management Subcommittee is setting up a management standard to ensure interoperability.
Seagate's move is in response to growing UK government pressure for better data security practices in the industry. Making drive encryption automatic has already been recommended by the US National Security Agency (NSA).
"The fact that the NSA has been such a strong supporter and active participant in the TCG's efforts around standards for device-level FDE speaks volumes," said Seagate chief executive Bill Watkins.
"We have listened very carefully to its advice and requests, and worked closely with others in the TCG organisation."
Another advantage of encryption is to protect data once the drives are retired and junked.
"Many organisations are considering drive-level security for its simplicity in securing sensitive data throughout the hardware lifecycle from initial set-up, to upgrade transitions and disposal," said Eric Ouellet, vice president of secure business enablement at Gartner.
"Drive disposal in particular has always been one of the most challenging elements of the data security lifecycle."
Ouellet added that, even with secure disposal processes in place, misplacement, mislabelling and theft still occur, which can result in significant losses, penalties and fines.
"Eliminating the risk of compromise from the source is one approach that can significantly reduce the complexity of managing sensitive data," he said.
Seagate is to build automatic encryption into all its enterprise hard drives, the company announced at Storage Expo 2007 in London.
All enterprise drives will be fitted with Seagate's Full Disk Encryption (FDE) as standard.
The Trusted Computing Group (TCG) is designing a security protocol for the drives, and the IEEE 1619.3 Key Management Subcommittee is setting up a management standard to ensure interoperability.
Seagate's move is in response to growing UK government pressure for better data security practices in the industry. Making drive encryption automatic has already been recommended by the US National Security Agency (NSA).
"The fact that the NSA has been such a strong supporter and active participant in the TCG's efforts around standards for device-level FDE speaks volumes," said Seagate chief executive Bill Watkins.
"We have listened very carefully to its advice and requests, and worked closely with others in the TCG organisation."
Another advantage of encryption is to protect data once the drives are retired and junked.
"Many organisations are considering drive-level security for its simplicity in securing sensitive data throughout the hardware lifecycle from initial set-up, to upgrade transitions and disposal," said Eric Ouellet, vice president of secure business enablement at Gartner.
"Drive disposal in particular has always been one of the most challenging elements of the data security lifecycle."
Ouellet added that, even with secure disposal processes in place, misplacement, mislabelling and theft still occur, which can result in significant losses, penalties and fines.
"Eliminating the risk of compromise from the source is one approach that can significantly reduce the complexity of managing sensitive data," he said.
0 comments:
Post a Comment Subscribe to Post Comments (Atom)