Geeks in Paradise | Brian Chee | InfoWorld | Seagate's Full Disk Encryption (FDE) hard drive | March 12, 2007 09:55 AM

MORE ENTRIES

Seagate's Full Disk Encryption (FDE) hard drive

March 12, 2007 | Comments: (0)

Seagate's Full Disk Encryption (FDE) hard drive

I remember this announcement back in 2005, when Seagate first announced that they would release a hard drive with full disk encryption (FDE). Well, they now have the Momentus FDE line of notebook drives (5400RPM) with 192-bit Triple-DES encryption, and it will be part of ASI's $2,150 laptop. The 2.5" drive is aimed at corporate users and managers who need to deal with storing sensitive data on laptops. The product specs are here. Hardware encryption is definitely the way to go for FDE, since using software to encrypt every read/write operation would be way too slow even on a modern CPU. Seagate claims that with their on-board encryption, it only takes up 1~2% of the CPU resources. I wonder how well the VIA chips with AES built-in would handle the encryption. It would make an interesting benchmark...

One of my first questions is: "What happens when the user loses his/her password?". We all know that at some point, some person will lose his or her password. According to this article, there can be up to 4 master keys, and up to 4 user keys. So, if a sales rep quits unexpectedly, the sales manager can still use the master key to recover data on the laptop. Seagate also suggests it is possible to remotely manage the hard drive, to configure its user accounts and such. I hope administrators remember to NOT send their admin password for the hard drive in clear text over the Internet...

All in all, it looks like Seagate has brought to market a good product with the Momentus FDE line of drives. It has some good applications for corporations and government types as well.

Josh Kuo
Co-Owner of q!Bang Solutions

Mar 12, 2007

Posted by Josh Kuo on March 12, 2007 09:55 AM

RATE THIS ARTICLE:

COMMENTS

Interesting product. The big question is when will it be available. No one can answer this question today. I looked into this and password reocvery can be made easy with Wave's tools to manage this drive at http://www.wave.com

With the recent TJX issue and Nuclear data PC loss, I would expect the larger corporations to start mandating encryption at the hardware level. This product makes sense and couldn't come at a better time.

Posted by: JThorp at April 5, 2007 08:23 AM

The Seagate FDE.2 works in conjunction with management software from Wave Systes Corp. http://www.wave.com

Wave provides the "EMBASSY Remote Administration Server" for Trusted Drive remote management including:

- Initialization and administration
- Password management, control and recovery
- User management
- Pre-boot authentication setup
- Re-commissioning and de-commissioning of drives
Trusted Drive recovery

- Enables IT Administrators to remotely control security for enterprise deployment of TPM systems and Trusted Drives.
- Removes complexity of providing a totally secure environment for enterprise productivity.
- Facilitates easy deployment of TPM systems and Trusted Drives.
- Provides significant cost savings for deployment of advanced security.
- Boosts productivity of network administrators for dealing with TPMs and Trusted Drives.
- Provides a consistent management interface for systems containing secure hardware.

Aids in proving regulatory compliance.

Posted by: gerber at April 6, 2007 12:29 PM

I kinda think it is going overboard with the security, I mean do we need them so secure and as you were say Josh it only takes on ex worker to come over and key in.
More research needs to be done in order to come up with a solution that is good and practical.

Regards, Jason.
citylinkpcs.com.au

Posted by: Jason Falk at August 8, 2007 01:51 AM

Technology White Papers

InfoWorld Technology Marketplace

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert