Trusted Computing Group

Since Trusted Computing Group first announced its efforts to enable self-encrypting drives that would be resistant to attack and invulnerable to loss or theft, there have been a number of vendors jumping in to provide both HDDs and SSDs using the TCG Opal specification. Among these are TCG members Hitachi, Samsung, Seagate and Toshiba. Other vendors also are jumping in, and a number of software vendors support SEDs for remote management, key management and other tasks. These include CryptoMill, McAfee, Secude, Softex, Symantec (via Guardian Edge acquisition), Wave Systems and WinMagic. No doubt others will emerge.

Today, TCG member Toshiba announced a new twist on these SEDs, which automatically and constantly encrypt all data on the fly in the drive controller, without user intervention or impact to system performance. The Toshiba MKxx61GSYG self-encrypting drives will completely wipe all data on the drive if the drive is connected to an unknown host.

Administrators can set various controls to allow data to be invalidated on command, on power cycle or in the event of a host authentication error. This is an industry first, and is anticipated to be a powerful tool in data protection for applications including PCs, copiers, multi-function printers and point-of-sale devices. Casual observers might not consider these devices to be as at risk as PCs, but incidents of data theft from digital copiers have highlighted vulnerable systems and have resulted in the loss or theft of sensitive and confidential corporate data.

Privacy Rights Clearinghouse reports that since 2005, 521,306,105 RECORDS have been lost. Ponemon Institute recently estimated the loss of each record to be $214 per compromised record and averaged $7.2 million per data breach event.

Given this cost and the associated negative publicity, legal implications and lost business, it probably makes a lot of of sense for businesses to consider SEDs as a critical security tool.