Trusted Computing Basics: Self-Encrypting Drives
|
|
- Lambert Roberts
- 8 years ago
- Views:
Transcription
1 09/21/2011 Trusted Computing Basics: Self-Encrypting Drives Ryan C. Getek, Ph.D. CISSP-ISSEP Secure Storage Lead, Trusted Computing Division, NCSC Jason Cox Client Security Products Lead, Seagate Technology
2 Agenda Background TCG Storage Specifications/Docs Features and Architecture Quick Software-Based FDE Review Opal Device Layout Overview Use Cases and Why to Choose an Opal SED Availability and Cost Storage Market Summary 2
3 Background: Goals Always on encryption Dedicated encryption hardware Typically at or near line speed AES 128 or 256 bit encryption Mode discoverable, commonly CBC, XTS 32 byte authentication factors supported Multiple independent encryption ranges Strong access control Locking 3
4 Background: Technical Foundations ATA and SCSI command sets added commands to support security payloads Sometimes called container commands Used by both TCG and IEEE
5 TCG Storage Specifications/Docs Core Specification (v1 2007, v2 2009) Security Subsystem Classes (SSCs) Define subsets of core features Enterprise SSC (2007) Opal SSC (2009) Storage Interface Interactions Specification Opal and Enterprise Application Notes TCG, Storage Developers. 5
6 Features and Architecture Not required, just common 6
7 Opal SSC Features and Architecture Users Opal v1: 1 admin, 4 users (minimum) Tables with methods Get, Set, Authenticate Also configuration and cryptographic methods LBA Ranges 1 Global, 4 configurable (minimum) Users have permissions in tables that control access to data in LBA Ranges and features 7
8 Features and Architecture Security Providers (SPs) Admin: For enabling and disabling Locking SP Locking: For actions such as taking ownership (wrapping MEK with user credentials), managing LBA ranges, and turning on/of MBR Shadowing Sample pseudo-commands Request: Get (tell) me the AES 256 mode! Response: CBC mode Request: Set MBR Shadowing to done! Response: Success 8
9 Quick SW-Based FDE Review User (LBA 0 to LBA [Max]) Device System Area Typically unencrypted A Single Partition 1. User/OEM installs OS 2. User/OEM installs FDE application 3. To support pre-boot authentication, an unencrypted area is needed for the associated application 9
10 Quick SW-Based FDE Review User (LBA 0 to LBA [Max]) Device System Area Typically unencrypted Partition 1 Partition 2 1. Start FDE initialization 2. Create a preboot partition 3. Install preboot code in partition 1 4. Encrypt-in-place user data in partition 2 Takes about 1 min per GB Plaintext may remain, depending on media type and characteristics 5. End of life 10
11 Opal Device Layout Overview User (LBA 0 to LBA [Max]) Device System Area Typically unencrypted User Data Area ALWAYS encrypted Ships from factory with media encryption key in the clear Works just like a nonencrypting drive until ownership is taken Unless you intentionally purchased an SED or perform discovery, you likely won t even know 11
12 Opal Device Layout Overview User (LBA 0 to LBA [Max]) Device Access with IF-SEND and IF-RECEIVE Typically contains pre-boot authentication app Typically contains pre-boot variables Default range, contains user data Admin-configured range, contains user data Admin-configured range, contains user data (rest of the default range that is not used by any admin-configured LBA ranges) 12
13 Opal Device Layout Overview User (LBA 0 to LBA [Max]) Device 1. User/OEM installs OS 2. User/OEM installs Opal software application 3. Take ownership 1. Device wraps MEK, access tables configured, set to lock on reset 2. Populate Shadow MBR with pre-boot code 3. If desired, place variables in DataStore area 4. Establishes LBA Ranges, if desired 5. Takes moments 13
14 Opal Device Layout Overview Ranges and associated configurations 14
15 Use Cases and Why to Choose Opal Data-At-Rest (DAR) on Lost or stolen laptop/pc Plus remote sanitization Strong encryption, strong authentication Discoverability Identity, capabilities, and state Performance Fast initialization Latency and throughput Simplicity No need to create pre-boot partition No need for encrypting OS filter driver 15
16 Use Cases and Why to Choose Opal Resistance to multi-visit attacks Read-only Shadow MBR Region But, primary use case is DAR Multi-boot different partitions Read only partition(s) Golden OS Secure Recovery of System Files OEM OS/App Recovery Partition Repurposing Internal or external 16
17 Use Cases and Why to Choose Opal All data always encrypted Problem with installing sw-based encryption on SSDs End of life sanitization of keys has related problem Performance BitLocker (software only) ~29.7% overhead 1 AES-NI assisted BitLocker ~17.5% overhead 1 Opal disk encryption ~0% overhead Note that overhead varies with file size, quantity, and transfer type Shimpi, Anand Lal. The Clarkdale Review: Intel's Core i5 661, i3 540 & i /04/10. Retrieved 08/03/11. 17
18 Use Cases and Why to Choose Opal Explosion of unsecured devices A storage device without encryption, even if later encrypted, could retain sensitive data Tight coupling between storage device, encryption, and controller adds value Logical approach to Data-At-Rest protection Advanced applications (such as in use cases) End of life sanitization 18
19 Availability and Cost OEMs Dell HP Lenovo TCG Opal Drive Manufacturers Hitachi: platter-based Micron: solid state Samsung: solid state, FIPS 140 pending Seagate: platter-based, FIPS 140 Toshiba (and former Fujitsu): platter-based 19
20 Availability and Cost TCG Opal Software Vendors Absolute Software CryptoMill McAfee/Safeboot Secude Softex Sophos Symantec/GuardianEdge Wave Systems WinMagic 20
21 Availability and Cost TCG Enterprise Drive Manufacturers Hitachi: platter-based, solid state Seagate: platter-based, FIPS 140; solid state, FIPS pending Toshiba: platter-based TCG Enterprise Storage Controller Manufacturers LSI TCG Storage Device Controller vendors Marvell SandForce Device Qualification Test Suite ULINK 21
22 Availability and Cost Cost Examples Dell Optiplex HP 990 desktop 1 : 250GB (non-encr.) to 320GB FIPS 140 Opal: $18.84* E6420 laptop 1 : 320GB (non-encr.) to 320GB FIPS 140 Opal: $34.26* 8200 desktop 2 : 320GB (non-encr.) to 320GB SED: $18.00 Elitebook 8440w 2 : 320GB (non-encr.) to 320GB SED: $0.00 Froogle Seagate 2.5 (thin) 320Gb non-encr. vs. same drive as SED with FIPS 140 Non-encrypting 3 : $80.48, FIPS 140 SED 3 : $71.35 The SED is $9.13 cheaper 1 Dell Federal Online Store, USFF Optiplex 990, retrieved August 2, HP Enterprise Online Store, 8440w laptop, retrieved August 2, Froogle.com search for ST320LT007 and ST320LT009, retrieved August 2, 2011 *Dell Opal models also include additional features such as 512e/4K sectors 22
23 Secure Storage Market Summary Why isn t everyone using an SED 1? Poor timing Software filling the gap (industry now moving towards DLP) Lack of compelling functionality Faster and more secure, but users apathetic No market push OEMs not pushing SEDs Higher (perceived) cost 10% premium for PC with SED, plus purchase software (as per previous slide, this isn t true) 1 Oltsik, Jon. I Was Wrong About Self-Encrypting Hard Drives. NetworkWorld 07/27/11. Retrieved 08/03/11. 23
24 Conclusion SEDs offer substantial performance benefits SEDs offer strong data-at-rest protection SEDs are available today Range of software options for management Security ATA mode is another option SEDs serve many use cases Doing DAR well is just one of them Ask for Opal SEDs when purchasing PCs/laptops 24
Factory-Installed, Standards-Based Hardware Security. Steven K. Sprague President & CEO, Wave Systems Corp.
Factory-Installed, Standards-Based Hardware Security Steven K. Sprague President & CEO, Wave Systems Corp. The challenge We are having a little problem with identity and data theft. It is time to reduce
More informationMaking Data at Rest Encryption Easy
Making Data at Rest Encryption Easy MM/DD/YYYY Jason Cox Client Security Products Lead Seagate Technology What is SED? Self Encrypting Drive Basics The storage device LOCKS when it powers OFF. The storage
More informationNew Drive Technologies Enable Strong Data Protection Strategies: Managing Self-Encrypting Drives in the Enterprise
New Drive Technologies Enable Strong Data Protection Strategies: Managing Self-Encrypting Drives in the Enterprise Contents Addressing Common Encryption Issues... 2 Always-On Encryption... 2 Timesavings...
More informationTechnical Note. Installing Micron SEDs in Windows 8 and 10. Introduction. TN-FD-28: Installing Micron SEDs in Windows 8 and 10.
Technical Note Installing Micron SEDs in Windows 8 and 10 TN-FD-28: Installing Micron SEDs in Windows 8 and 10 Introduction Introduction Self-encrypting drives (SEDs) can provide an effective way of protecting
More informationBypassing Self- Encrypting Drives (SED) in Enterprise Environments. Daniel Boteanu Kevvie Fowler November 12 th, 2015
Bypassing Self- Encrypting Drives (SED) in Enterprise Environments Daniel Boteanu Kevvie Fowler November 12 th, 2015 Who are we? Daniel Boteanu Forensic Technology and ediscovery, KPMG Canada M.Eng., M.Sc.
More informationAdvances in Storage Security Standards Jason Cox Intel Corporation
Advances in Storage Security Standards Jason Cox Intel Corporation Objectives Overview of Trusted Computing Group (TCG) Storage Work Group Review of TCG Document types and Goals Describe recent specifications
More informationData Security Using TCG Self-Encrypting Drive Technology
Data Security Using TCG Self-Encrypting Drive Technology June 11, 2013 2:00PM EDT Copyright 2013 Trusted Computing Group 1 Copyright 2013 Trusted Computing Group 2 Tom Coughlin, Founder, Coughlin Associates.
More informationFDE Performance Comparison. Hardware Versus Software Full Drive Encryption
FDE Performance Comparison Hardware Versus Full Drive Encryption A look at performance and other differences between hardware based self-encrypting drives and software approaches to full disk encryption
More informationNavigating Endpoint Encryption Technologies
Navigating Endpoint Encryption Technologies Whitepaper November 2010 THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS AND TECHNICAL INACCURACIES. THE CONTENT IS
More informationDisk Encryption. Aaron Howard IT Security Office
Disk Encryption Aaron Howard IT Security Office Types of Disk Encryption? Folder Encryption Volume or Full Disk Encryption OS / Boot Volume Data Volume Managed or Unmanaged Key Backup and Data Assurance
More informationA Comprehensive Plan to Simplify Endpoint Encryption
A Comprehensive Plan to Simplify Endpoint Encryption Managing SEDs, BitLocker, and FileVault Together from the Cloud Executive Summary Encryption is an essential component of any information security plan.
More informationOpal SSDs Integrated with TPMs
Opal SSDs Integrated with TPMs August 21, 2012 Robert Thibadeau, Ph.D. U.S. Army SSDs Must be Opal s We also Studied using the TPM (Trusted Platform Module) with an Opal SSD (Self-Encrypting Drive) 2 Security
More informationSelf Encrypting Drive Market & Technology Report
Self Encrypting Drive Market & Technology Report Thomas M. Coughlin Coughlin Associates, Inc. August 2011 2011 Coughlin Associates, Inc. www.tomcoughlin.com 408-978-8184 The Self-Encrypted Drive Market
More informationHow Cloud Computing Can Accelerate Endpoint Encryption:
How Cloud Computing Can Accelerate Endpoint Encryption: Managing Self-Encrypting Drives in the Cloud Executive Summary Cloud computing is transforming IT for businesses of all sizes, but not without significant
More informationSamsung SED Security in Collaboration with Wave Systems
Samsung SED Security in Collaboration with Wave Systems Safeguarding sensitive data with enhanced performance, robust security, and manageability Samsung Super-speed Drive Secure sensitive data economically
More informationSolid Security: The Rise of Self-Encrypting. Solid State Drives. Thomas Coughlin
Self-Encrypting PRESENTATION TITLE GOES HERE Solid State Drives Thomas Coughlin Marketing Chair, SNIA Solid State Storage Initiative President, Coughlin Associates About the Presenter Tom Coughlin, Marketing
More informationSeagate Secure Technology
Seagate Secure Technology Marketing Bulletin Frequently Asked Questions What is the value of a self-encrypting drive (SED)? SEDs ensure user data can be quickly deleted (erased) using standard drive commands,
More informationWhitepaper Enhancing BitLocker Deployment and Management with SimplySecure. Addressing the Concerns of the IT Professional Rob Weber February 2015
Whitepaper Enhancing BitLocker Deployment and Management with SimplySecure Addressing the Concerns of the IT Professional Rob Weber February 2015 Page 2 Table of Contents What is BitLocker?... 3 What is
More informationStrategies for Firmware Support of Self-Encrypting Drives
presented by Strategies for Firmware Support of Self-Encrypting Drives UEFI Winter Plugfest February 21-23, 2011 Presented by Jeff Bobzin (Insyde Software, Inc.) Updated 2011-06-01 UEFI Plugfest February
More informationGain Complete Data Protection with SanDisk Self-Encrypting SSDs and Wave Systems
Gain Complete Data Protection with SanDisk Self-Encrypting SSDs and Wave Systems Built-in Security to Protect Sensitive Data without Sacrificing Performance What is an SED? A self-encrypting drive performs
More informationPerceptions about Self-Encrypting Drives: A Study of IT Practitioners
Perceptions about Self-Encrypting Drives: A Study of IT Practitioners Executive Summary Sponsored by Trusted Computing Group Independently conducted by Ponemon Institute LLC Publication Date: April 2011
More informationQuickSpecs. SATA (Serial ATA) Hard Drives for HP Workstations. Introduction. SATA (Serial ATA) Hard Drives for HP Workstations.
Overview Introduction Commercial grade SATA 7200 rpm drives are our standard high bandwidth hard drive storage option. Storage capacities for the 7200 rpm drives range up to a massive 4.0TB. This enables
More informationEnova X-Wall LX Frequently Asked Questions
Enova X-Wall LX Frequently Asked Questions Q: What is X-Wall LX? A: X-Wall LX is the third generation of Enova real-time hard drive cryptographic gateway ASIC (Application Specific Integrated Circuit)
More informationSolid-State Drives with Self-Encryption: Solidly Secure
Solid-State Drives with Self-Encryption: Solidly Secure 09/22/2011 Michael Willett Storage Security Strategist SAMSUNG SOLID STATE DRIVES Solid-State Drives SSD ADVANTAGES SOLID STATE DRIVES Save $$ on
More informationXTREMIO DATA AT REST ENCRYPTION
White Paper XTREMIO DATA AT REST ENCRYPTION Abstract Data at Rest Encryption is a mandatory requirement in various industries that host private or sensitive data. This white paper introduces and explains
More informationKeep Your Data Secure: Fighting Back With Flash
Keep Your Data Secure: Fighting Back With Flash CONTENTS: Executive Summary...1 Data Encryption: Ensuring Peace of Mind...2 Enhanced Encryption and Device Decommission in the Enterprise...3 Freeing Up
More informationKingston KC300 Security Toolbox
Intended for: SKC300S37A/60G SKC300S37A/120G SKC300S37A/180G SKC300S37A/240G SKC300S37A/480G Firmware Rev. 600ABBF0 The PSID Revert and the Enable/Disable IEEE1667 (or Microsoft edrive) operations described
More informationSolid State Drives (SSD) with Self Encryption: Solidly Secure Michael Willett Storage Security Strategist Independent Consultant
Solid State Drives (SSD) with Self Encryption: Solidly Secure Michael Willett Storage Security Strategist Independent Consultant Flash Memory Summit 2014 Santa Clara, CA 1 The Problem 2005-2013: over 864,108,052
More informationCommercially Proven Trusted Computing Solutions RSA 2010
Commercially Proven Trusted Computing Solutions RSA 2010 Hardware Self-Encrypting Drives (SEDs) Unique Security Features Encryption below the file system Hardware root-of-trust for encryption Tamper resistant
More informationBitLocker Drive Encryption Hardware Enhanced Data Protection. Shon Eizenhoefer, Program Manager Microsoft Corporation
BitLocker Drive Encryption Hardware Enhanced Data Protection Shon Eizenhoefer, Program Manager Microsoft Corporation Agenda Security Background BitLocker Drive Encryption TPM Overview Building a BitLocker
More informationSecurity for Disk Drive Data at Rest Disk Drive Opportunities?
Security for Disk Drive Data at Rest Disk Drive Opportunities?, CMRR gfhughes@ucsd.edu, 858-534-5317 Protect data where it lies In the disk drives where it resides Why not evolve the ATA password system
More informationSeagate Instant Secure Erase Deployment Options
Technology Paper Seagate Instant Secure Erase Introduction When hard drives are retired and moved outside the data centre into the hands of others, the data on those drives is put at significant risk.
More informationBypassing Local Windows Authentication to Defeat Full Disk Encryption. Ian Haken
Bypassing Local Windows Authentication to Defeat Full Disk Encryption Ian Haken Who Am I? Currently a security researcher at Synopsys, working on application security tools and Coverity s static analysis
More informationSecurity Overview for Windows Vista. Bob McCoy, MCSE, CISSP/ISSAP Technical Account Manager Microsoft Corporation
Security Overview for Windows Vista Bob McCoy, MCSE, CISSP/ISSAP Technical Account Manager Microsoft Corporation Agenda User and group changes Encryption changes Audit changes User rights New and modified
More informationSecureDoc Disk Encryption Cryptographic Engine
SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the
More informationFull Disk Encryption Drives & Management Software. The Ultimate Security Solution For Data At Rest
Full Disk Encryption Drives & Management Software The Ultimate Security Solution For Data At Rest Agenda Introduction Information Security Challenges Dell Simplifies Security Trusted Drive Technology Seagate
More informationFull Drive Encryption Security Problem Definition - Encryption Engine
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 Full Drive Encryption Security Problem Definition - Encryption Engine Introduction for the FDE Collaborative Protection Profiles
More informationSelf Encrypting Drive Market & Technology Report
Self Encrypting Drive Market & Technology Report Thomas M. Coughlin Coughlin Associates, Inc. August 2011 2011 Coughlin Associates, Inc. www.tomcoughlin.com 408-978-8184 The Self-Encrypted Drive Market
More information2011 Self Encrypting Drive Market and Technology Report
Brochure More information from http://www.researchandmarkets.com/reports/1935939/ 2011 Self Encrypting Drive Market and Technology Report Description: In July and August 2011, in cooperation with members
More informationIntel RAID Controller Premium Feature Key Training
Intel RAID Controller Premium Feature Key Training AXXRPFKSNSH Snapshot Recovery AXXRPFKDE Self Encrypting Drive (SED) AXXRPFKSSD SSD Cache with Fastpath Note: Graphics for this training is based on RAID
More informationUsing BitLocker As Part Of A Customer Data Protection Program: Part 1
Using BitLocker As Part Of A Customer Data Protection Program: Part 1 Tech Tip by Philip Cox Source: searchsecuritychannel.com As an information security consultant, one of my jobs is to help my clients
More informationA Guide to Managing Microsoft BitLocker in the Enterprise
20140410 A Guide to Managing Microsoft BitLocker in the Enterprise TABLE OF CONTENTS Introduction 2 Why You Can t Ignore Effective FDE 3 BitLocker by Default 4 BitLocker s Total Cost of Ownership 5 SecureDoc
More informationFull Drive Encryption with Samsung Solid State Drives
Full Drive with Solid State Drives A performance and general review of s new selfencrypting solid state drives. Trusted Strategies LLC Author: Bill Bosen November 2010 Sponsored by Electronics Full Drive
More informationData-at-Rest Encryption Addresses SAN Security Requirements
Data-at-Rest Encryption Addresses SAN Security Requirements QLogic 2500 Series Fibre Channel Adapters Meet Enterprise Security Needs Key Findings SAN security via encryption is necessary for protecting
More informationUser s Guide Part 1. Enterprise Self-Encrypting Drives
User s Guide Part 1 Enterprise Self-Encrypting Drives 100515636 Rev. A August 2009 2009, Seagate Technology LLC All rights reserved. Publication number: 100515636, Rev. A August 2009 Seagate, Seagate Technology
More informationSelf-Encrypting Hard Disk Drives in the Data Center
Technology Paper Self-Encrypting Hard Disk Introduction At least 35 U.S. states now have data privacy laws that state if you encrypt data-at-rest, you don t have to report breaches of that data. U.S. Congressional
More informationERNW Newsletter 42 / December 2013
ERNW Newsletter 42 / December 2013 Dangers of Disabled Pre-Boot Authentication in Corporate Environments: Attacking Check Point s Full Disk Encryption with Activated WIL Version: 1.1 Date: 12/16/2013 Author(s):
More informationSeagate Momentus FDE Self-Encrypting Drive
Marketing Bulletin Seagate Momentus FDE Information for Integrators This bulletin is provided for informational purposes only. Seagate provides no warranty either expressed or implied regarding the accuracy
More informationEMBASSY Remote Administration Server (ERAS) Administrator Manual
EMBASSY Remote Administration Server (ERAS) Administrator Manual Part III BitLocker, Trusted Platform Module, SafeNet ProtectDrive and Dell BIOS & CV Management ERAS Version 2.8 Document Version 1.0.0.20
More informationComprehensive Endpoint Security
Comprehensive Endpoint Security Protecting Data-at-Rest Compliance with data and security regulations Joseph Belsanti Director, Marketing WinMagic Inc. Agenda Key Messages Company Snapshot Evaluation Criteria
More informationSelf-Encrypting Drives
Jon Tanguy Senior SSD Technical Marketing Engineer Micron Technology, Inc. February 14, 2014 What is Encryption? In its simplest form, encryption is a mechanism used to obscure data from any unintended
More informationEncryption as a Cloud Service provides the lowest TCO
Encryption as a Cloud Service provides the lowest TCO Alertsec offer Full Disk Encryption at half the total cost of ownership of on-premise solutions Contents Executive Summary... 3 The Costs of Encryption...
More informationEMC VNX2: Data at Rest Encryption
White Paper EMC VNX2: Data at Rest Encryption Abstract This white paper introduces Data at Rest Encryption for EMC VNX 2, a feature that provides data protection if a drive is stolen or misplaced. This
More informationHardware versus Software
Sponsored by Seagate Hardware versus Software A Usability Comparison of Software-Based Encryption with Seagate DriveTrust Hardware-Based Encryption A SANS Whitepaper September 2007 Written by: J.D. Hietala
More informationACER ProShield. Table of Contents
ACER ProShield Table of Contents Revision History... 3 Legal Notices... 4 Executive Summary... 5 Introduction... 5 Protection against unauthorized access... 6 Why ACER ProShield... 7 ACER ProShield...
More informationHypervisor-based Background Encryption
-based Background Encryption Yushi OMOTE University of Tsukuba Full-Disk Encryption (FDE) Recent study shows 10% of laptop computers are lost or stolen every year* To prevent data breach, many organizations
More informationDate: March 2006. Reference No. RTS-CB 018
Customer Bulletin Product Model Name: CS3102 and FS3102 subsystems Date: March 2006 Reference No. RTS-CB 018 SUBJECT: Volumes greater than 2TB on Windows OS Overview This document explores how different
More information1. System Requirements
BounceBack Data Transfer 14.2 User Guide This guide presents you with information on how to use BounceBack Data Transfer 14.2. Contents 1. System Requirements 2. Attaching Your New Hard Drive To The Data
More informationEncrypted SSDs: Self-Encryption Versus Software Solutions
Encrypted SSDs: Self-Encryption Versus Software Solutions Michael Willett Storage Security Strategist and VP Marketing Bright Plaza Flash Memory Summit 2015 Santa Clara, CA 1 The Problem 2005-2013: over
More informationIntroduction to BitLocker FVE
Introduction to BitLocker FVE (Understanding the Steps Required to enable BitLocker) Exploration of Windows 7 Advanced Forensic Topics Day 3 What is BitLocker? BitLocker Drive Encryption is a full disk
More informationEncrypted Storage: Self-Encryption versus Software Solutions. Dr. Michael Willett Storage Security Strategist
Encrypted Storage: Self-Encryption versus Software Solutions PRESENTATION TITLE GOES HERE Dr. Michael Willett Storage Security Strategist Independent Consultant ABSTRACT The Trusted Computing Group has
More informationFrequently Asked Questions: EMC Isilon Data at Rest Encryption Solution
1 Frequently Asked Questions: EMC Isilon Data at Rest Encryption Solution Table of Contents What s New? Target Customers Customer Benefits Competitive Positioning Technical Sales Questions General Sales
More informationGPT hard Disk Drives. For HP Desktops. Abstract. Why GPT? April 2011. Table of Contents:
GPT hard Disk Drives For HP Desktops April 2011 Table of Contents: Abstract... 1 Why GPT?... 1 GPT vs MBR... 2 Bootable vs Data Drives and UEFI BIOS... 4 OS Support... 6 Storage Driver Support... 6 Imaging
More informationFull Disk Encryption Agent Reference
www.novell.com/documentation Full Disk Encryption Agent Reference ZENworks 11 Support Pack 3 May 2014 Legal Notices Novell, Inc., makes no representations or warranties with respect to the contents or
More informationEnova X-Wall XO Frequently Asked Questions--FAQs
Enova X-Wall XO Frequently Asked Questions--FAQs Q: What is X-Wall XO? A: X-Wall XO is the fourth generation product that encrypts and decrypts the entire volume of the hard drive. The entire volume includes
More informationManaging BitLocker With SafeGuard Enterprise
Managing BitLocker With SafeGuard Enterprise How Sophos provides one unified solution to manage device encryption, compliance and Microsoft BitLocker By Robert Zeh, Product Manager Full-disk encryption
More informationZENworks 11 Support Pack 4 Full Disk Encryption Agent Reference. May 2016
ZENworks 11 Support Pack 4 Full Disk Encryption Agent Reference May 2016 Legal Notice For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government
More informationWhy Dell for EUC. JinCheol Park EUC Marketing Nov. 25 th, 2014
Why Dell for EUC JinCheol Park EUC Marketing Nov. 25 th, 2014 EUC End User Computing Tablet Desk Top Notebook Workstation Monitor OptiPlex Latitude Precision Fixed Workstation Ultrasharp U, UZ Series Alienware
More informationData At Rest Protection
Data At Rest Protection Dell Data Protection Encryption Full Volume Encryption Whitepaper October 2011 THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS AND TECHNICAL
More informationFirmware security features in HP Compaq business notebooks
HP ProtectTools Firmware security features in HP Compaq business notebooks Embedded security overview... 2 Basics of protection... 2 Protecting against unauthorized access user authentication... 3 Pre-boot
More informationACS-3 Reporting Security Compliance
October 5, 2010 T13/e09151r2 October 5, 2010 Revision 2 Technical Editor: Jim Hatfield 389 Disc Drive Longmont, CO 80503 720-684-2120 James.C.Hatfield@Seagate.com Page 1 of 8 T13/e09151r2 October 5, 2010
More informationThe TCO of Software vs. Hardware-based Full Disk Encryption Summary
The TCO of vs. -based Full Disk Encryption Summary Sponsored by WinMagic Independently conducted by Ponemon Institute LLC Publication Date: April 2013 Industry Co-Sponsors Ponemon Institute Research Report
More informationEMC DATA DOMAIN ENCRYPTION A Detailed Review
White Paper EMC DATA DOMAIN ENCRYPTION A Detailed Review Abstract The proliferation of publicized data loss, coupled with new governance and compliance regulations, is driving the need for customers to
More informationFunctional diagram: Secure encrypted data. totally encrypted. XOR encryption. RFID token. fingerprint reader. 128 bit AES in ECB mode Security HDD
Secure encrypted data Encryption Access Control XOR encryption RFID token 128 bit AES in ECB mode Security HDD fingerprint reader enter password by keyboard 256 bit AES in CBC mode 1-2-3-4-5-6-7-8 PIN
More informationFile System & Device Drive. Overview of Mass Storage Structure. Moving head Disk Mechanism. HDD Pictures 11/13/2014. CS341: Operating System
CS341: Operating System Lect 36: 1 st Nov 2014 Dr. A. Sahu Dept of Comp. Sc. & Engg. Indian Institute of Technology Guwahati File System & Device Drive Mass Storage Disk Structure Disk Arm Scheduling RAID
More informationUEFI on Dell BizClient Platforms
UEFI on Dell BizClient Platforms Authors: Anand Joshi Kurt Gillespie This document is for informational purposes only and may contain typographical errors and technical inaccuracies. The content is provided
More informationRecipe for Mobile Data Security: TPM, Bitlocker, Windows Vista and Active Directory
Recipe for Mobile Data Security: TPM, Bitlocker, Windows Vista and Active Directory Tom Olzak October 2007 If your business is like mine, laptops regularly disappear. Until recently, centrally managed
More informationTrusted Platform Module (TPM) Quick Reference Guide
Trusted Platform Module (TPM) Quick Reference Guide System builders/integrators should give this Guide to the system owners to assist them in enabling and activating the Trusted Platform Module. Warning
More informationAccelerate SQL Server 2014 AlwaysOn Availability Groups with Seagate. Nytro Flash Accelerator Cards
Accelerate SQL Server 2014 AlwaysOn Availability Groups with Seagate Nytro Flash Accelerator Cards Technology Paper Authored by: Mark Pokorny, Database Engineer, Seagate Overview SQL Server 2014 provides
More informationSymantec Endpoint Encryption Deployment Best Practices and Roadmap
Symantec Endpoint Encryption Deployment Best Practices and Roadmap Jon Allen Baylor University Chief Information Security Officer & Assistant Vice President Rene Kolga Symantec Principle Product Manager
More informationCautions When Using BitLocker Drive Encryption on PRIMERGY
Cautions When Using BitLocker Drive Encryption on PRIMERGY July 2008 Fujitsu Limited Table of Contents Preface...3 1 Recovery mode...4 2 Changes in hardware configurations...5 3 Prior to hardware maintenance
More informationSafeGuard Enterprise Tools guide
SafeGuard Enterprise Tools guide Product version: 5.60 Document date: April 2011 Contents 1 About this guide...3 2 Displaying the system status with SGNState...3 3 Reverting an unsuccessful installation
More information9 Steps to Data Security
Sensitive data - from trade secrets to customer data - is more valuable and so more vulnerable than ever. The challenges are significant from the complexity of deployment, to managing PCs and Macs, to
More informationSECUDE AG. FinallySecure Enterprise Cryptographic Module. FIPS 140-2 Security Policy
SECUDE AG FinallySecure Enterprise Cryptographic Module (SW Version: 1.0) FIPS 140-2 Security Policy Document Version 2.4 04/22/2010 Copyright SECUDE AG, 2010. May be reproduced only in its original entirety
More informationPerformance Characteristics of VMFS and RDM VMware ESX Server 3.0.1
Performance Study Performance Characteristics of and RDM VMware ESX Server 3.0.1 VMware ESX Server offers three choices for managing disk access in a virtual machine VMware Virtual Machine File System
More informationAn Introduction to Key Management for Secure Storage. Walt Hubis, LSI Corporation
Walt Hubis, LSI Corporation SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individuals may use this material in presentations and literature
More informationS E A h a w k C r y p t o M i l l CryptoMill Technologies Ltd. www.cryptomill.com
SEAhawk CryptoMill CryptoMill Technologies Ltd. www.cryptomill.com OVERVIEW S EAhawk is an endpoint and removable storage security solution for desktop PCs and laptops running the Microsoft Windows operating
More informationABC of Storage Security. M. Granata NetApp System Engineer
ABC of Storage Security M. Granata NetApp System Engineer Encryption Challenges Meet Regulatory Requirements No Performance Impact Ease of Installation Government and industry regulations mandate protection
More information256-bit AES HARDWARE ENCRYPTED PRODUCT RANGE
256-bit AES HARDWARE ENCRYPTED PRODUCT RANGE USB 3.0 USB 2.0 SSD integralmemory.com About Us Introducing Integral Memory plc are one of the largest digital memory producers in Europe with more than 20
More informationPenetration Testing Windows Vista TM BitLocker TM
Penetration Testing BitLocker TM Drive Encryption Douglas MacIver Penetration Engineer System Integrity Group, Corporation Hack In The Box 2006/09/21 2006 Corporation. All rights reserved. Trustworthy
More informationADMINISTERING WINDOWS VISTA SECURITY: THE BIG SURPRISES
ADMINISTERING WINDOWS VISTA SECURITY: THE BIG SURPRISES Introduction. Chapter 1 Administering Vista Security: The Little Surprises. Restoring the Administrator. Making Your Own Administrator. Activating
More informationhttp://docs.trendmicro.com/en-us/enterprise/endpoint-encryption.aspx
Trend Micro Incorporated reserves the right to make changes to this document and to the product described herein without notice. Before installing and using the product, please review the readme files,
More informationKaspersky Lab s Full Disk Encryption Technology
Kaspersky Lab s Full Disk Encryption Technology In the US alone, an estimated 12,000 laptops are lost or stolen each week. According to the Ponemon Institute, a laptop is stolen every 53 seconds; more
More informationManagement of Hardware Passwords in Think PCs.
Lenovo Corporation March 2009 security white paper Management of Hardware Passwords in Think PCs. Ideas from Lenovo Notebooks and Desktops Workstations and Servers Service and Support Accessories Introduction
More informationMobile Device Security and Encryption Standard and Guidelines
Mobile Device Security and Encryption Standard and Guidelines University Mobile Computing and Device best practices are currently defined as follows: 1) The use of any sensitive or private data on mobile
More informationImplementing Hardware Roots of Trust: The Trusted Platform Module Comes of Age Sponsored by the Trusted Computing Group (TCG)
Implementing Hardware Roots of Trust: The Trusted Platform Module Comes of Age Sponsored by the Trusted Computing Group (TCG) Speakers: Gal Shpantzer, John Pescatore (SANS Institute) Chris Hallum (Microsoft)
More informationCHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device
CHOOSING THE RIGHT PORTABLE SECURITY DEVICE A guideline to help your organization chose the Best Secure USB device Introduction USB devices are widely used and convenient because of their small size, huge
More informationTCG. TCG Storage Application Note: Encrypting Storage Devices Compliant with Enterprise SSC. Specification Version 1.00 Final Revision 1.
TCG Storage Application Note: Encrypting Storage Devices Compliant with Enterprise SSC Specification Version 1.00 Final Revision 1.00 December 21, 2009. Contacts: admin@trustedcomputinggroup.org TCG Copyright
More informationSeagate Secure Enterprise Self-Encrypting Drives FIPS 140 Module FIPS 140-2 Security Policy
Seagate Secure Enterprise Self-Encrypting Drives FIPS 140 Module FIPS 140-2 Security Policy Rev. 3.0 December 09, 2015 Seagate Technology, LLC Page 1 Table of Contents 1 Introduction... 3 1.1 Scope...
More informationMarkMlnasi Byron Hynes
A ul ^HP &1 ^n* JÜ& MarkMlnasi Byron Hynes i 1 8 O 7,^ j Wiley Publishing, Inc. Mark Minasi U Windows Administrator X. Library Table of Contents Introduction Chapter 1 Administering Vista Security: The
More information