Encrypting Hard Disk Could Exempt Companies From Data Breach Disclosure Laws, Seagate Claims - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Enterprise Applications

Encrypting Hard Disk Could Exempt Companies From Data Breach Disclosure Laws, Seagate Claims

Some states will exempt companies that suffer a data breach or theft from disclosure laws if they can prove that the stolen data was encrypted.

With the launch of its encrypting hard disk drive, Seagate Technology is making a claim that not many others dare to make. The manufacturer says companies that use its disk drive may be exempt from state data breach disclosure laws.

Seagate's new Momentus 5400 FDE.2 hard drive uses a government-grade security protocol to encrypt all stored data to prevent unauthorized access on lost or stolen laptops. "We can do some complex operations inside the drive like in-line encryption because we have the computing capability, the ability to manage encryption keys and passwords, and the ability to interface with biometrics," says Dan Good, VP of new business initiatives at Seagate. Users are required to have a password in order to access the hard drive

ASI Computer Technologies is the first computer maker to ship laptops with Seagate's encrypting hard drive. The laptops will come with a biometric fingerprint reader, which will require the user's fingerprint in addition to a password to access the hard drive. Additionally, Seagate says it partnered with software vendor, Wave Systems, to offer another layer for password management.

Laptop theft is a growing problem for companies because it affects the private information of customers. Many states have passed disclosure laws that require companies to inform customers that their information may have been compromised as a result of a laptop theft. Disclosure is both expensive and embarrassing for companies, which is why some states offer exemption to those companies that can prove that the stolen data was encrypted. Those companies don't have to notify customers about the data breach.

Seagate claims companies that use laptops with its Momentus 5400 FDE.2 hard drive will be except from disclosure, since the hard drive's built-in technology encrypts everything, even temporary files. The encryption also can't be turned off, so users can't violate policy management. "What this means is that if your computer was stolen, a thief may get into the operating system but they won't get into the hard drive," says Good. "The government and our customers told us that's how they wanted our system designed."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
Data Science: How the Pandemic Has Affected 10 Popular Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/9/2020
Commentary
The Growing Security Priority for DevOps and Cloud Migration
Joao-Pierre S. Ruth, Senior Writer,  9/3/2020
Commentary
Dark Side of AI: How to Make Artificial Intelligence Trustworthy
Guest Commentary, Guest Commentary,  9/15/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
IT Automation Transforms Network Management
In this special report we will examine the layers of automation and orchestration in IT operations, and how they can provide high availability and greater scale for modern applications and business demands.
Slideshows
Flash Poll