Lenovo ThinkServer RD240 MegaRAID SAS Software User Guide - Page 75
Instant Secure Erase, National Institute of Standards and Technology
![]() |
View all Lenovo ThinkServer RD240 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 75 highlights
3.5 Instant Secure Erase Instant Secure Erase is a method of data erasure that you can use with FDE drives. After the initial investment into a FDE disk, there is no additional cost in dollars or time to erase data using the Instant Secure Erase feature. You can change the encryption key for all MegaRAID RAID controllers that are connected to FDE disks. All FDE drives, whether locked or unlocked, always have an encryption key. This key is set by the drive and is always active. When the drive is unlocked, the data to host from the drive (on reads) and from the host to the drive cache (on writes) is always provided. However, when resting on the drive platters, the data is always encrypted by the drive. You might not want to lock your drives because you have to manage a password if they are locked. Even if you do not lock the drives, there is still a benefit to using FDE disks. If you are concerned about data theft or other security issues, you might already invest in drive disposal costs, and there are benefits to using FDE over other technologies that exists today, both in terms of the security provided and time saved. If the encryption key on the drive changes, the drive cannot decrypt the data on the platters, effectively erasing the data on the disks. The National Institute of Standards and Technology (http://www.nist.gov) values this type of data erasure above secure erase and below physical destruction of the device. There are four major reasons for using instant secure erase. If there is a need to repurpose the hard drive for a different application - You might need to move the drive to another server to expand storage elsewhere, but the drive is in use. The data on the drive might contain sensitive data including customer information that, if lost or divulged, could cause an embarrassing disclosure of a security hole. You can use the instant secure erase feature to effectively erase the data so the drive can be moved to another server or area without concern that old data could be found. Instant Secure Erase 3-7
![](/manual_guide/products/lenovo-thinkserver-rd230-megaraid-sas-software-user-guide-7a323ec/75.png)