Monday, March 17, 2014

Self Encrypting SSD (SED) to Rescue Security/ Privacy?

The article below discusses benefits of integrating encrypting in the hardware.

"Samsung claims that self-encrypting drives are the solutions to better security...can protect sensitive data better than software solutions because self-encrypting SSDs automatically encrypt information as it's saved to the drive.

A key benefit of SED (Self Encrypting Drive) is the automated process, which makes it difficult for human error leaving the data vulnerable (see Missed Alarms, 40 Mil. Stolen Credit Card Numbers: Target Blew It). In addition, the additional security level of the hardware on silicon chip increase the difficulty for anybody trying to access the data.

Remaining issues in protecting the data:
Is there any way to replicate the encryption key stored on the silicon chip?

Can a government or a malicious vendor duplicate the encryption and transmit it through a back door?

Ron
Insightful, timely, and accurate semiconductor consulting.
Semiconductor information and news at - http://www.maltiel-consulting.com/



Will Self-Encrypting Drives Help Stop Data Breaches?

  • Mar 14, 2014 8:00 AM EST
In light of all the security breaches last year, companies are looking for ways to protect their own and their clients' data. Samsung claims that self-encrypting drives are the solutions to better security software protection. In a recent infographic, the company outlines a few reasons why self-encrypting drives are better for businesses.
In 2012, well over 250 million records with personal information were compromised in security breaches. That same year, the average cost of a data breach was more than five million dollars. Samsung claims this devastating problem can be alleviated with an easy solution: swapping out a PC's hard disk drive for a solid state drive (SSD) with self-encrypting drive (SED) technology. These drives can protect sensitive data better than software solutions because self-encrypting SSDs automatically encrypt information as it's saved to the drive. 
The Perks of SSD with SEDFirst off, data encryption and key management happen in drive hardware so putting in an SSD with SED leads to better security and system performance. Software encryption is just another process on a host device, which makes it more vulnerable to attacks and hinders PC performance when it encrypts data.
Oftentimes employees will turn off software-based encryption, which leads to noncompliance risk. SEDs, on the other hand, cannot be disabled, and encryption transparent to users. There's no need to download special security software to use SEDs either; they meet requirements for enterprise applications and can be controlled by security management software.
Why Self-Encrypting SSD Is the SolutionUsing Crypto Erase technology to wipe out data on your SED is a quick and painless process: the drive simply deletes the active encryption key. Trying to render data unreadable on a hard drive with software-based encryption, on the other hand, can take up a lot more of your time and money.
An additional perk is that SEDs fulfill government and industry requirements that laws like FACTA and HIPAA implement to regulate the security of private electronic data. Several laws also include a Safe Harbor convention for encrypted data, which spares organizations the embarrassment and expense of a public notification of data breaches.
Self-encrypting SSDs costs less than 80 cents per gigabyte, potentially saving millions of dollars for many companies. These drives could be a great tool for companies to use to protect consumer information and avoid the headaches of data breaches. 

No comments:

Post a Comment