Archive for the ‘Encryption’ Category

Hardware-based encryption to increase storage security

Monday, February 16th, 2009

Everyone would accept that it is crucial to store sensitive data encrypted whether it is housed in the data center or stored in notebooks or computers or if it is filled away on some removable storage disk. However as the recent headlines show, the problem is that very few organizations really bother. For instance, the previous week a person form New Zealand purchased a used MP3 player in Oklahoma and found nearly sixty files included with names and personal details of US military personnel. This is only the recent example of which demonstrates how lots of tapes, drivers and even notebooks are lost with sensitive data on them without encrypted.The industry standards groups along with several other bigger hard drive manufactures of the world hope to make it easier to protect sensitive data. Therefore the Trusted Computing Group unveiled this week three specifications for full disk encryption to be used in all types of storage devices and in encryption key management systems. As the technology in encryption management is largely based on the specification that is built into the hardware almost any storage device that uses this technology would require to use a password even before the system starts.

Therefore the devices that can use this specifying can range from standard computers, consumer gadgets to even notebooks and drivers used in data servers, centers and large storage arrays. Pete Lindstrom the research director at analyst form said that, this is an excellent effort to make encryption the standard features for all hard drives which builds security in an outstanding approach to such a difficult problem.

The three specifications include:

 Opal – The specification from Opal details al the requirement for fixed storage media notebooks and computers.

Storage Interface Interactions – The specification explain how all of the specifications of Trusted Computing Group interact with interface specifications and storage connections including ATAPI, ATA, Fiber Channel, SCSI and others.

 The Enterprise Security Subsystem Class – Their specification is mainly aimed at drives in high volume applications and data centers where generally there is a minimum security configuration during installations.

The backers for these TCG and other new specifications are Hitachi GST, Fujitsu, Western Digital, Wave System, Toshiba, Samsung, Seagate Technology, LSI Corp. and IBM. However according to Eric Orgen the analyst at the research firm in The Ogren Group, there are some state laws like in Massachusetts and Nevada for mandating full disk encryption on notebooks which contain consumer data. Therefore for this single reason corporations should understand the endpoint crypto abilities already available in simple tools like the Windows BitLocker. He further added that it is a 1.0 specification which means it is just the start. The storage vendors must familiarize wit the features of the standard also charge product management with determining the features reverberate with customers. Those features which are attractive to customers must be included in the product roadmap with a watchful eye to revising as the Trusted Computing Group specifications mature, Orgen further added.

Disk-drive Encryption gets boost from OPAL standards

Friday, February 13th, 2009

The efforts of the Opal Industry-Standards have been unveiled by their Trusted Computing Group this week which might prove a benefit to the professionals of information technology who explore desktop options in encryption. It is officially called as Opal Security Subsystem Class Specification 1.0 which includes a set of protocols and mechanisms for disk-drive encryption, configuration, authentication and policy management. Therefore when it is implemented into the disk drive or into the supporting security and client management software, Opal will offer IT managers the flexibility and ability to manage computers and use the Opal based encryption.

The IT director at CIB Heath Ken Waring said that it was exactly what they expected a software that has the ability to blend and match and they are also watching it go forward and improve in technology as they are currently using the embedded disk drive encryption in their Dell computers that include Wave system management software to safeguard their sensitive data. Although the CBI Heath have found this hardware based disk encryption to be a perfect way to protect their data, the only downside is that it restricts to be used on just one model. However Opal has made promises to design a new level of practical security so that the IT managers will be able to perfectly mix and match Opal based disk drivers of manufacturers including software management tools.

The Opal initiative backers of TCG who have made use of Advanced Encryption Standard also slot in disk-drive manufacturers Hitach, Fujitsu and Seagate and also software vendors like WinMagic, Wave, CryptoMill Technologies and several others. For instance, Fujitsu promises Opal to support in all of their Notebook drivers in both 7200 rpm and 5400 rpm in the second quarter. Lark Allen the vice president of the development at Wave said that the primary objective is how to entrench security into the drive in order to have authentication and encryption and also do it in a standardized way so that it works fine regardless of the drive used. He said this as he demonstrated the Opal based interoperability along with their Trusted Drive Manager working with Opal implementations of Fujitsu.

However Opal has proved to show recent efforts in satisfying the increasing corporate demands in disk encryption. There was full disk encryption cited as the highest client security technology to be adopted or piloted this year according to Forrester’s review of 942 security and IT managers in Europe and North America. Additionally, disk drive encryption is also increasingly becoming a necessity for both in transit and for stored data. In a few industry sectors or particularly in healthcare industries these encryptions are becoming a necessity to meet their regulatory requirements. Saeed Umar who is the IT project manager of Lancashire Teaching Hospitals NHS Foundation Trust of London said that the Health department needs that no patient data should be send without its encrypted. He has also said that the next encryption project should include deploying Endpoint Encryption of MaAfee on all their laptops for data protection.