Encrypting Hard Disk Could Exempt Companies From Data Breach Disclosure Laws, Seagate Claims
Some states will exempt companies that suffer a data breach or theft from disclosure laws if they can prove that the stolen data was encrypted.
With the launch of its encrypting hard disk drive, Seagate Technology is making a claim that not many others dare to make. The manufacturer says companies that use its disk drive may be exempt from state data breach disclosure laws.
Seagate's new Momentus 5400 FDE.2 hard drive uses a government-grade security protocol to encrypt all stored data to prevent unauthorized access on lost or stolen laptops. "We can do some complex operations inside the drive like in-line encryption because we have the computing capability, the ability to manage encryption keys and passwords, and the ability to interface with biometrics," says Dan Good, VP of new business initiatives at Seagate. Users are required to have a password in order to access the hard drive
ASI Computer Technologies is the first computer maker to ship laptops with Seagate's encrypting hard drive. The laptops will come with a biometric fingerprint reader, which will require the user's fingerprint in addition to a password to access the hard drive. Additionally, Seagate says it partnered with software vendor, Wave Systems, to offer another layer for password management.
Laptop theft is a growing problem for companies because it affects the private information of customers. Many states have passed disclosure laws that require companies to inform customers that their information may have been compromised as a result of a laptop theft. Disclosure is both expensive and embarrassing for companies, which is why some states offer exemption to those companies that can prove that the stolen data was encrypted. Those companies don't have to notify customers about the data breach.
Seagate claims companies that use laptops with its Momentus 5400 FDE.2 hard drive will be except from disclosure, since the hard drive's built-in technology encrypts everything, even temporary files. The encryption also can't be turned off, so users can't violate policy management. "What this means is that if your computer was stolen, a thief may get into the operating system but they won't get into the hard drive," says Good. "The government and our customers told us that's how they wanted our system designed."
Building A Mobile Business MindsetAmong 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
InformationWeek Must Reads Oct. 21, 2014InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.