Safe & Sound

The number of data breaches has risen considerably in recent years. According to one source (see boxout), a quarter of UK businesses have experienced at least one major breach in the past year.

It is little wonder then that security is increasingly seen as paramount when it comes to maintaining customer confidence, ensuring business continuity, safeguarding reputation and managing mission critical applications. Keeping data secure is the number one consideration for CIOs.

Just how to secure data against a range of threats, from malicious attacks to basic user error, has been a battle. With the rise in the use of employee-owned devices on corporate networks, gaining access to an otherwise secure system from outside is relatively easy to a hardened hacker. As the perpetrators become ever more sophisticated in their attempts to access data, so too those charged with protecting it have to find ever more ingenuous ways to keep it secure. Now, though, a relatively simple answer is increasingly being seen as a viable and cost-effective security solution: self-encrypting drives (SEDs).

With SEDs, the encryption takes place as the data is written to disk. The security comes from the associated RAID controller, such as Broadcom's SafeStore, that supports hardware encryption. The complementary keys on both the drive and the controller card mean the disk will only work in-situ. If it's removed (lost, stolen, end-of-life, warranty repair etc.) the data becomes unreadable.

The codes are all but unbreakable. Due to the 256 bit encryption there are billions of possible encryption codes. Even if a program was written to try them all it would just take too long; at least 10 years. The moment it looks like someone is getting close to finding a way to break a code, the manufacturers simply raise the bit encryption. What was 128 became 256; so 512, 1024 will almost certainly follow.

Having self-encryption adds only minimally to the overall price of the disk. And for data hosting centres, simply erasing the key instantly wipes an entire drive, negating the need for time-consuming reformatting or repurposing: ISE - instant secure erase.

Enterprise encryption drives are currently available from Seagate Technology, HGST and Toshiba in HDD or SSD formats. The format is being standardised globally under the auspices of the open standard, not-for-profit industry-wide TCG (Trusted Computing Group).

Source: Hammer
Published Date: 01/12/2016

Back to News