Seagate 15K.2 Self-Encrypting Drives for Servers, NAS, and SAN Arrays - Page 6

Self-Encrypting Drives for Servers, NAS and SAN Arrays Standardization of Self-Encrypting Drives promises lower acquisition costs as well. The world's top six hard drive vendors collaborated to develop the final enterprise specification published by the Trusted Computing Group (TCG). This specification, created to be the standard for developing and managing Self-Encrypting Drives, enables SEDs from different vendors to be interoperable. Such interoperability helps ensure greater market competition and lower prices for solution builders and end-users alike. Historically, the hard drive industry has repeatedly shown that industry-wide standards increase volume, which in turn lowers costs. These economies of scale help ensure incremental logic in the ASICs remains a small portion of drive material costs. (Appendix B provides a more detailed comparison of hard drive encryption technologies and explanation of the advantages of SEDs.) Conclusion Administrators of servers, SAN and NAS arrays have good reasons to want to encrypt their data. Self-Encrypting Drives address both those reasons and the concerns that have prevented some IT professionals from adopting data encryption until now. The benefits of Self-Encrypting Drives are clear. Instant secure erase cuts IT operational expense for retiring drives without the need to manage keys. Further, it preserves the value of the retired drive by enabling the drive to be securely repurposed or returned for service, warranty or expired lease. Auto-locking SEDs automatically help secure the data against drive theft or misplacement the moment a drive is removed from the system. A drive may be compromised, but it will never expose its data. Self-Encrypting Drives also offer compelling advantages. The encryption key doesn't need to be tracked or managed in order to recover data because the encryption key never leaves the drive, lessening concerns about being unable to decrypt one's own data. Only the authentication key must be tracked or managed, and it can be securely backed up, replicated and mirrored in disaster-recovery centers. And that key needn't be introduced and managed at all if an SED is used only for instant secure erase. SED encryption is automatic and transparent, avoiding costly changes to normal storage management, the OS, applications and databases. The significant cost savings of efficiently compressing and de-duplicating data in the storage system is fully maintained. In addition, performance scales linearly and automatically, and because all data can be encrypted without performance degradation, there's no need for costly and time-consuming data classification. Self-Encrypting Drives are standards-based for optimal manageability, interoperability and costefficiency, and all major hard drive manufacturers participated in the standards development. Key management is also becoming interoperable, with major storage vendors committed to support the Key Management Interoperability Protocol from OASIS. SEDs are designed to be integrated into standard products, which are implemented per the typical storage upgrade schedule. Simply put, encryption in the drive provides superior cost-effectiveness, performance, manageability and security when compared to other encrypting technologies. That's why many prominent analysts, system manufacturers and government agencies such as the NSA have concluded that encryption should be done in the drive. The bottom line: SEDs are a significant leap forward to improve security and lower the total cost of ownership in the world's servers, SANs and NAS arrays. Given that SEDs lower drive retirement costs and reduce IT headaches, many corporations are considering the benefit of incorporating SEDs into their security policies. Security policy writers should consider updating their policies to specifically require that all future hard drive purchases be SEDs when available. IBM and LSI are leading the way in building Self-Encrypting Drives into their solutions, and Seagate is rapidly introducing SEDs across its entire portfolio of hard drives. Other hard drive vendors have introduced SEDs as well, and it won't be long until all hard drives will be Self-Encrypting Drives. 6