Seagate ST9500421AS Can Your Computer Keep a Secret? - Page 2

Can Your Computer Keep a Secret? Why All Laptop Data Protection Methods Are NOT Created Equal Comparison of Hard Drive Data Protection Methods There are a number of methods available to protect data on a hard drive. BIOS and operating system passwords are frequently used, but they only provide very minimal security and can be readily removed by unskilled attackers without requiring sophisticated tools. Hard drive password locking is one of the most relied-upon security methods today. It is stronger than BIOS or operating system passwords, but this common protective measure can be easily defeated as well. Software-based full drive encryption is significantly stronger than BIOS, operating system or hard drive password locking. Unfortunately, software-based encryption must run under the operating system and in the CPU, which can have an impact on the overall performance of the PC, as well as cause an exposure to the security methods used to safeguard the information on the PC itself. This means that there can be stealth processes running on the PC that can capture the encryption keys and even the non-encrypted data-which of course is not a very good scenario to have. Hard drive-based security provides some of the best and strongest encryption solutions for personal computers. No sensitive data or keys are available to the CPU or to other applications running under the operating system. In addition to the security advantages, encryption done in the drive's hardware offers other attractive advantages. First, hard drive-based encryption has clear performance and reliability advantages. Second, because the encryption is integrated into the drive read/write function, it is transparent to the user. And finally, "factory" encryption significantly reduces the costs of acquisition, deployment and administration. Comparison of Hard Drive Data Protection Methods BIOS Password Very minimal protection Available on nearly all PCs. Prevents the computer from fully booting unless the correct password is provided. Does not encrypt any data. Very easily thwarted, no special skills needed. For example, the hard drive can simply be moved to another device with the BIOS lock turned off. Operating System Password Very minimal protection Hard Drive Password (using ATA) Minimal protection Software-Based Full Drive Encryption Good protection Next-Generation Encrypting Hard Drives Excellent protection Access to general OS functions is denied unless the correct password is given. Does not encrypt any data. Easily defeated by moving the hard drive to another computer. No special skills needed. Offers very minimal protection. Available on most notebooks and some desktops. Prevents the drive from retrieving data unless the correct password is provided. Does not encrypt any data. Easily defeated but requires specific skills or hiring someone with those skills. Stronger than BIOS or OS passwords but still weak protection and not suitable for data worth more than US$100. Add-on security product that modifies the hard drive drivers and encrypts all data as it is written to the drive. Requires correct password before the data is decrypted. Offers good protection but expensive to purchase and deploy, and impacts system performance which sometimes leads end users to turn it off. There is a potential for malware, trojans or rootkits to remotely turn off the software protection (the same as end users) without proper methods of protecting the software itself from attacks. Also worth noting, some software-based products require the encryption to be turned off whenever an operating system update must be installed-causing an administration burden and also risk of exposure. The hard drive contains built-in cryptographic hardware that encrypts all data as it is written to the drive. Requires the correct password to decrypt any data. Built into the computer so it's not an add-on, and totally transparent to the user. Does not impact performance. Extremely difficult to defeat when good passwords are used. Offers excellent protection.