Seagate Targets Data Theft With Encrypted Hard Drive
The disk-drive maker announced it's working on a desktop hard drive with native encryption that will protect all the data on a stolen machine.
With the frequency of employee and customer information put at risk because a computer was stolen right out of an office, car, or home, a disk-drive maker decided to try to tackle the problem.
Seagate Technology announced that it's working on a drive for desktop PCs that will use embedded chips to encrypt the information on the drive -- all of the information. Then if the machine is stolen, the thief would have to come up with a password at minimum and two- or three-factor authentication at best.
"This is all about protecting data at rest," said Mike Hall, a spokesman for Seagate, in an interview. "Firewalls and VPNs protect data while it's in transit but we see all these headlines about machines that have been stolen. Firewalls and VPNs will do no good when the information is sitting on the computer which someone has stolen. That information is vulnerable unless that information is encrypted."
Just last month, security company VeriSign announced that a contract worker reported that her laptop, which held employee information, was stolen from her car. The employee no longer works at the company. A company spokeswoman told InformationWeek at the time that the woman, who worked in VeriSign's human resources department, failed to comply with company policies that mandate that data be encrypted and that employee information not be downloaded on laptop computers.
And late last year, a Boeing employee was fired after his laptop, which contained information on 382,000 current and former employees, was stolen. The employee, who wasn't identified, was fired because he violated company policy by downloading the information onto the laptop and not encrypting it.
The company announced on Wednesday that it expects to ship in mid-2008 a 1 terabyte desktop hard drive that uses government-grade encryption. Nicknamed the Barracuda 7200 FDE, the 3.5-inch drive has native encryption. Using AES encryption, the hard drive is designed to deliver end-point security for powered-down systems. Logging back on requires a pre-boot user password that can be beefed up with biometrics and smart cards.
Seagate came out with a 2.5-inch laptop hard drive with native encryption earlier this summer. The Momentus 5400 FDE.2 now is shipping. According to Hall, Dell, Lenovo, and Fujitsu are using the laptop hard drive.
He added that it's too early to say what PC manufacturers will pick up the encrypted desktop hard drive.
Hall said studies have shown that people aren't encrypting the data on their computers -- whether laptops or desktops -- because the encryption software can be expensive, it can slow system performance, and it's sometimes difficult to deploy.
The hard drives are designed to do the encrypting work for the user, he pointed out, adding that the user should not see any impact on system performance.
"Every lick of information on that hard drive is being encrypted in real-time," said Hall. "That's what this device was designed to do."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.