Hardware-based encryption to increase storage security
Everyone would accept that it is crucial to store sensitive data encrypted whether it is housed in the data center or stored in notebooks or computers or if it is filled away on some removable storage disk. However as the recent headlines show, the problem is that very few organizations really bother. For instance, the previous week a person form New Zealand purchased a used MP3 player in Oklahoma and found nearly sixty files included with names and personal details of US military personnel. This is only the recent example of which demonstrates how lots of tapes, drivers and even notebooks are lost with sensitive data on them without encrypted.The industry standards groups along with several other bigger hard drive manufactures of the world hope to make it easier to protect sensitive data. Therefore the Trusted Computing Group unveiled this week three specifications for full disk encryption to be used in all types of storage devices and in encryption key management systems. As the technology in encryption management is largely based on the specification that is built into the hardware almost any storage device that uses this technology would require to use a password even before the system starts.
Therefore the devices that can use this specifying can range from standard computers, consumer gadgets to even notebooks and drivers used in data servers, centers and large storage arrays. Pete Lindstrom the research director at analyst form said that, this is an excellent effort to make encryption the standard features for all hard drives which builds security in an outstanding approach to such a difficult problem.
The three specifications include:
Opal - The specification from Opal details al the requirement for fixed storage media notebooks and computers.
Storage Interface Interactions - The specification explain how all of the specifications of Trusted Computing Group interact with interface specifications and storage connections including ATAPI, ATA, Fiber Channel, SCSI and others.
The Enterprise Security Subsystem Class - Their specification is mainly aimed at drives in high volume applications and data centers where generally there is a minimum security configuration during installations.
The backers for these TCG and other new specifications are Hitachi GST, Fujitsu, Western Digital, Wave System, Toshiba, Samsung, Seagate Technology, LSI Corp. and IBM. However according to Eric Orgen the analyst at the research firm in The Ogren Group, there are some state laws like in Massachusetts and Nevada for mandating full disk encryption on notebooks which contain consumer data. Therefore for this single reason corporations should understand the endpoint crypto abilities already available in simple tools like the Windows BitLocker. He further added that it is a 1.0 specification which means it is just the start. The storage vendors must familiarize wit the features of the standard also charge product management with determining the features reverberate with customers. Those features which are attractive to customers must be included in the product roadmap with a watchful eye to revising as the Trusted Computing Group specifications mature, Orgen further added.
