Self-encrypting hard drives automatically and continuously encrypt all data in the drive itself, protecting it from loss, theft or attack. This type of technology is becoming more important as we continue to see data loss incidents plague organizations around the world.
Data storage industry analyst Dr. Thomas Coughlin, who has more than 30 years in the data storage industry, this week revealed the industry’s first forecast examining the adoption of self-encrypting drives (SEDs).
Coughlin addressed attendees in an Emerging Technologies session at the NSA Trusted Computing Conference and Expo that took place this week in Orlando.
According to Coughlin’s research:
• By 2013 SED capability will be in over 80 percent of SSDs and likely in almost all SSDs by 2014.
• By 2017, almost all HDDs will include SED capability.
• By 2016 the high, median and low estimates for security adoption for SED HDDs are 411 million, 315 million and 122 million units.
What factors come into play when it comes to deployment of SEDs? Coughlin notes that a number of factors will foster adoption. These include cost parity of SEDs to non-self encrypting storage devices; no performance impact on individual systems with SEDs compared to software-based encryption; no performance overhead compared to software encryption running on the host; and possibly longer useful drive life than drives used in a software encrypted system, due to increased reads and writes with SW encryption.
The report also notes additional benefits of SEDs. These include:
• The encryption key is stored on the storage device and cannot be accessed through host hacking, which is a typical and common attack on systems with software encryption.
• SEDs are less complex to implement in storage array encryption solutions.
• Increasing legislation and regulations favor the use of SEDs, particularly those with FIPS 140 certification.
Servers and Desktop systems are not the only technology assets that make use of hard drives holding potentially sensitive corporate data. Copiers and printers often utilize hard disks in order to store and process documents, creating another data security risk for information security teams who are already challenged with security and compliance requirements.