Self Encrypting Drives
Posted by Vishal Gandhi on Mon, Jan 30, 2012 @ 01:02 AM
Self Encrypting Drives
Encryption is used by organizations to mitigate the damage that is caused by data breaches, to comply with privacy and data protection regulations and preserve brand and reputation. It is equally essential to deploy encryption across enterprises and this can be done using many different approaches and strategies.
A Study of IT Practitioners, conducted by Ponemon Institute and sponsored by the Trusted Computing Group (TCG), is to understand organizations’ use of hardware-based encryption technologies, including self-encrypting hard and solid state drives.
Self-encrypting drives (SED's) are a recent addition to the technologies used to protect stored data on drives. SED’s are hardware based data security against data breaches, data leaking and to protect data at rest.
SED's the Market insight?
Encryption can be hardware and software based. As understanding and awareness about the capabilities of hardware-based encryption versus software-based encryption grows, we predict that there will be greater adoption of SED's.
On an average, the cost per stolen record comes to $214. This also concludes that the organizations lost an average of approximately 16000 records from data breach, data leaking. Thus, if any single incident occurs, the cost shoots up to around $3.4 million. These numbers play a lead role when it comes to making a business case for investing in SED’s.
SED's provide -
- Hardware-based data security and enhanced secure erase capability. SED's continuously scramble data using a key as it is written to the drive and then descramble it with the key as it is retrieved, giving users a high level of data protection.
- It also speeds and simplifies the drive re-deployment process. By deleting the encryption key, the data is rendered unreadable, eliminating the need for time-consuming dataoverwrite.
The IT practitioners participating in this kind of research appear to have high regard for SED’s and their ability to protect data stored on computers with no impact on performance. The barriers to adoption appear to be perceptions about cost and not understanding the hard drive options that are available to their organization.
The majority of respondents agree that in terms of protecting data-at-rest, hardware-based encryption (including SED's) are more secure than software-based encryption. In fact, 70 percent say that SED's would have had an enormous and positive impact on the protection of sensitive and confidential information in the event that a data breach should occur.
The majority of organizations use software-based encryption or a combination of hardware and software-based encryption. The most likely reasons for doing so are perceptions that it is less costly to implement and that they do not fully understand hardware-based encryption technology options available to their organization. In contrast, those who seem to prefer hardware-based encryption believe it does not diminish end-user productivity and it is not too hard to implement. As a possible explanation as to why respondents hold these perceptions, SED's have been available only for the past two years.
Therefore, it seems as if IT practitioners need more awareness about the features and functionality of SED's in order to make informed decisions.
It also concludes that the majority of IT practitioners in this study predict that SED's will become the standard of excellence in desktop and laptop drive security in the very near future.
For detailed information, visit
http://www.trustedcomputinggroup.org/files/static_page_files/67318BEF-1A4B-B294-D00BDAD736433305/TCG_Ponemon_SED_Survey_Report.Final.pdf