Prevent most disk data losses with TPM-based self-encrypting storage

Posted by Ken Y-N on September 17th, 2008 at 04:23pm

For me this is the biggest no-brainer when it comes to deploying higher-security data protection systems in the enterprise, or even at home. The Trusted Computing Group (TCG) has specified a low-cost solution that implements encryption at the disk drive level. As Roger Kay of Endpoint Technologies says:

“I’m surprised that more enterprise IT managers are not using these technologies. When organizations lose data” – whether through thievery or mishap – “they face multimillion-dollar exposure to fines, legal fees, diminished market value, settlement payments, and impaired goodwill. With increased notebook usage, important corporate assets are now wandering all over the globe. These assets can be protected. IT managers can simply turn on the TPM in their client PCs, and they’ve taken the first step toward preventing network breaches that lead to data loss. Adding hardware-based self-encrypting storage, which is becoming widely available in enterprise notebooks, makes an even stronger security solution for minimal money and effort.”

With over 50,000 disk drives per day being decommissioned or reused, the loss of data is almost inevitable, as regular stories of auctioned systems with still-accessible confidential data attest.

However, help is at hand in the form of the TCG and the standards its members have created for self-encrypting storage implemented in the storage hardware, not in the platform software. This has multiple benefits: encryption is always on, keys are not exposed to the operating system, and wiping the key store instantly renders the contents erased.

The TCG's work is not limited to disk drives: almost all enterprise PCs now ship with a Trusted Platform Module (TPM) that acts as a hardware password vault, and software applications are available to enable individual or corporate-wide maintenance of these TPMs. As Derek E Brink, a research fellow for IT Security at Aberdeen, says:

“Aberdeen’s research shows that a high percentage of trusted computing-ready devices and infrastructure already exists within the enterprise, but overall awareness about the benefits of trusted computing is still relatively low. The most compelling finding from our recent study is that users who have activated their existing trusted computing infrastructure actually have superior capabilities at security governance, risk management and compliance.”

The full press release PDF may be read on the official Trusted Computing Group web site, or in plain HTML here.
