Seagate Leads Effort to Provide Secure Storage With Full Disk Encryption for Data Centers



    Technology from Seagate and industry leaders including IBM and LSI
    addresses the need to instantly, automatically secure data the moment it
    has left the data center, while simultaneously addressing the hurdles in
    adding encryption in the data center

    DALLAS, TX, Oct. 15 /CNW/ -- Storage Networking World -- Seagate
Technology (NYSE:   STX) today announced it is collaborating with others in the
storage and security industry to extend its hardware-based, Full Disk
Encryption (FDE) technology to its entire portfolio of enterprise-class hard
drives. Providing data center managers with the best possible protection for
data-at-rest is a significant advancement for security of the world's
enterprise data centers. The Trusted Computing Group (TCG) is establishing a
security protocol for communicating with these self-encrypting hard drives,
and the IEEE 1619.3 is creating a key management standard to ensure that this
new technology will have interoperability. Among the major storage industry
players actively involved are IBM, LSI, and Seagate.
    Seagate this week is also demonstrating the performance and security
capabilities of enterprise drive-level FDE at Storage Networking World. The
demonstrations underscore the value that FDE technology brings to storage
system administrators tasked with protecting against breaches of data that can
occur in drives and systems that have been repurposed, decommissioned,
disposed of, sent for repair, misplaced or stolen.
    "Many organizations are considering drive-level security for its
simplicity in securing sensitive data through the hardware lifecycle from
initial setup, to upgrade transitions and disposal," said Eric Ouellet, vice
president, Secure Business Enablement, Gartner. "Drive disposal in particular
has always been one of the most challenging elements of the data security
lifecycle. Even with secure disposal processes in place, misplacement,
mislabeling and theft still do occur which can result in significant losses,
penalties and fines. Eliminating the risk of compromise from the source is one
approach that can significantly reduce the complexity of managing sensitive
data."

    Benefits of Drive Level FDE in the Enterprise

    Many organizations, including storage vendors IBM and LSI, who have
closely evaluated how encryption in the data center can best be done to
guarantee performance, manageability, security and compatibility while
minimizing complexity, have concluded that encryption belongs on the disk.
Acting in its interests to secure U.S. Government data, the National Security
Agency (NSA) has also identified this as a desirable solution.
    "The need for enterprise administrators today to be sure that all
corporate data is secure across the infrastructure is becoming an increasing
priority," said Barry Rudolph, vice president of Disk Storage Solutions, IBM.
"Natively securing data at rest within the disk drives is the next step in the
evolution of securing storage media that physically leave the secure confines
of the datacenter, and we look forward to collaborating with Seagate and
utilizing our industry leading key management and security solutions to enable
drive level full disk encryption across the enterprise."
    "Data-at-rest encryption is an important topic in the industry," said
president and CEO Abhi Talwalkar, LSI Corporation. "Although it can be
implemented through many techniques, the preferred implementation method for
external systems is through encryption at the HDD level. LSI is pleased to be
working with other industry leaders and standards organizations to develop and
deliver the most effective, standards-based encryption technology in the
market."
    Drive-level FDE security provides a range of superior benefits for
protecting an enterprise system's data-at-rest when compared to current
software and hardware encryption tools. Among them are:
    Performance -- Because the encryption engine is in the disk drive's
controller ASIC and matches the drive's maximum port speed, encryption won't
slow a system down. And because it is in the drive itself, its performance
automatically scales every time storage is added in the data center. With FDE
at the drive level, performance problems are solved because the encryption
functions are done automatically, at full interface speed, within each and
every drive in the system.
    Compatibility -- Drive-level FDE technology is supported by the security
protocol developed through the TCG, an organization consisting of membership
of more than 50 participating companies, including all hard drive
manufacturers. Key management standards to insure interoperability are being
established via the IEEE 1619.3. All major storage system providers are
participating in IEEE 1619.3.
    Manageability -- The IT user does not need to escrow the encryption key
to maintain data recoverability because the encryption key is in the drive.
There is less of a need to decrypt and re-encrypt the data to maintain
security, because the encryption key does not leave the drive. This frees the
storage administrator from having to schedule and conduct this performance
throttling activity.
    Security -- This self-encrypting drive technology delivers a new standard
of security for data-at-rest encryption. Cipher text is never exposed. There
are no clear text secrets anywhere on the drive, and an attacker is assumed to
have complete knowledge of the secrets' design and location. The drive can
self power down after a predefined number of authentication attempts. Access
control credentials are separate from the encryption key. An attacker cannot
alter the firmware -- firmware downloads are protected. Seagate has put no
back doors in the drive. In fact, the drive is locked and inaccessible to
anyone without full authorization.
    "The fact that the NSA has been such a strong supporter and active
participant in the TCG's efforts around standards for device-level FDE speaks
volumes," said Bill Watkins, Seagate CEO. "We've listened very carefully to
their advice and requests, worked closely with others in the TCG organization,
and we're excited about the opportunity to deliver on this new technology
collaborating with industry leaders such as IBM and LSI. It feels good to play
a major role in solving a very real problem for IT end users for improved
enterprise security."
    Seagate plans to deliver enterprise-class drives with FDE to customers in
2008. For more information about Seagate and its own family of security
solutions, visit http://www.seagate.com/security.

    About Seagate

    Seagate is the worldwide leader in the design, manufacture and marketing
of hard disc drives, providing products for a wide-range of applications,
including Enterprise, Desktop, Mobile Computing, Consumer Electronics and
Branded Solutions. Seagate's business model leverages technology leadership
and world-class manufacturing to deliver industry-leading innovation and
quality to its global customers, and to be the low cost producer in all
markets in which it participates. The company is committed to providing
award-winning products, customer support and reliability to meet the world's
growing demand for information storage. Seagate can be found around the globe
and at http://www.seagate.com.
    Seagate and Seagate Technology are registered trademarks of Seagate
Technology LLC. The Wave logo is a trademark or registered trademark of
Seagate Technology LLC or one of its affiliates. All other trademarks or
registered trademarks are the property of their respective owners. One
gigabyte (GB) is equal to one billion bytes when referring to hard drive
capacity. Computer operating systems may use different standards of
measurement and report lower capacity. In addition, some of the listed
capacity is used for formatting and other functions, and thus, will not be
available for data storage.




For further information:

For further information: David Szabados of Seagate Technology,
+1-831-439-2859, david.szabados@seagate.com, Web Site: http://www.seagate.com

Organization Profile

SEAGATE TECHNOLOGY

More on this organization


Custom Packages

Browse our custom packages or build your own to meet your unique communications needs.

Start today.

CNW Membership

Fill out a CNW membership form or contact us at 1 (877) 269-7890

Learn about CNW services

Request more information about CNW products and services or call us at 1 (877) 269-7890