Lenovo ThinkServer RD330 MegaRAID SAS Software User Guide - Page 47
SafeStore Disk Encryption
View all Lenovo ThinkServer RD330 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 47 highlights
MegaRAID SAS Software User Guide Chapter 3: SafeStore Disk Encryption | Overview Chapter 3 SafeStore Disk Encryption This chapter describes the SafeStore™ Disk Encryption service. The SafeStore Disk Encryption service is a collection of features within storage products that supports self-encrypting disks. SafeStore encryption services supports Local Key Management. 3.1 Overview 3.2 Purpose and Benefits The SafeStore Disk Encryption service offers the ability to encrypt data on drives and use disk-based key management to provide data security. This solution provides data protection in the event of theft or loss of physical drives. With self-encrypting drives, if you remove a drive from its storage system or the server it is housed in, the data on that drive is encrypted and useless to anyone who attempts to access without the appropriate security authorization. With the SafeStore encryption service, data is encrypted by the drives. You can designate which data to encrypt at the individual virtual disk (VD) level. Any encryption solution requires management of the encryption keys. The security service provides a way to manage these keys. Both the WebBIOS Configuration Utility (Chapter 4) and MegaRAID Storage Manager (Chapter 11) offer procedures that you can use to manage the security settings for the drives. Security is a growing market concern and requirement. MegaRAID customers are looking for a comprehensive storage encryption solution to protect data. You can use the SafeStore encryption service to help protect your data. In addition, SafeStore local key management removes the administrator from most of the daily tasks of securing data, thereby reducing user error and decreasing the risk of data loss. Also, SafeStore local key management supports instant secure erase of drives that permanently removes data when repurposing or decommissioning drives. These services provide a much more secure level of data erasure than other common erasure methods, such as overwriting or degaussing. Page 47