Trusted Computing Group

Earlier this spring, Dr. Larry Ponemon and his team talked to hundreds - 517 to be specific - IT staffers about self-encrypting drives, which encrypts data continuously and transparently right on the drive. These drives are becoming more widely available and are starting to become standard-issue in some enterprise PCs. Advocates of these drives believe they are much more secure than drives encrypted with software. But what do real users think?

This week, a full, detailed report of a study examining that issue has become available. The study was conducted by Ponemon at the behest of the Trusted Computing Group, which created a specification for self-encrypting drives. While not all self-encrypting drives, or SEDs, use this spec, most of them do or will, because it allows interoperability and second sourcing for users.

The report expands on a summary issued in May. Some key points noted in this expanded report include:

- 36 percent are "concerned about performance" of software-based encryption and 35 percent believe software options reduce user productivity

- In contrast, when asked about hardware-based encryption, only 26 percent were concerned about performance and 9 percent with "diminished end-user productivity"

Not unexpectedly, given today's regulatory environment, compliance appears to be the main driver of encrypting data at rest (more than half of respondents) and almost half reporting they use encryption to support self-regulatory programs, with protection of financial documents and employee records being the most important types of data to protect.

Back to SEDs: one might wonder what potential users thought about hardware versus software encryption. Well, two-thirds said SEDs provide faster set-up time and 59 percent said SEDs provide enhanced scalability because encryption is handled right in the drive; 53 percent noted improved system performance for the same reason. And almost half of the IT practitioners surveyed noted that SEDs prevent tampering or disablement of encryption.

What is the role of SEDs in preventing data breaches, which, by the way, were experienced by 82 percent of those surveyed? Seventy percent noted that 81-100 percent of their sensitive data would have been protected if they'd been using SEDs. In other Ponemon research, the average cost of an unencrypted laptop is estimated at $56,165; with encryption, the cost drops by almost a third.

One parting thought: more than half of the IT practitioners surveyed thought that SEDs will become the standard of excellence in one to three years and 37 percent were willing to pay a premium for the benefits.

You can read the entire report here.