Making Data at Rest Encryption Easy
MM/DD/YYYY
Jason Cox, Client Security Products Lead, Seagate Technology
What is SED? Self Encrypting Drive Basics
- The storage device LOCKS when it powers OFF.
- The storage device remains LOCKED when it is powered back ON.
- Authentication UNLOCKS the storage device.
- The storage device reads and writes data normally while the drive is unlocked:
  - The plaintext data sent to the device is encrypted before being written.
  - The encrypted data read from the device is decrypted before being returned.
Benefits
- Always encrypting at line speed (no performance impact)
- Auto locking on power off
- Retirement, disposal, end of life
[Figure: Authentication via a Key Management Service; Write and Read paths through the encryption engine in the drive; "Here is the unencrypted text" is stored on the media as "P%k5t$ @sg!7#x1) #&%"; 100% performance]
Needs & Solutions

Customer Need                    SED Solution
Government-Grade Security        FIPS 140-2 Certified SED (FIPS drives)
Data-At-Rest Protection          TCG-Compliant Security; requires TCG host controller & key management system (SED drives)
Easy Disposal & Repurposing      Instant Secure Erase: quick & simple data encryption key erasure (Crypto-Erase & Sanitize features)

Security Foundation
Why SEDs?
- There's stuff on your laptop that has value, and makes loss/theft costly to you or your company.
- It costs you or your company time or money to replace, and time or money to do damage control.
- Your company could lose business.
- You could lose your job, or have your identity stolen.
- PLUS, regulatory compliance requirements, e.g. HIPAA and other new data privacy and breach notification legislation in the US and abroad.
Types of Information: What is this stuff?
- Personal (important to you): identifying info, banking info, browser histories (banks, social networking sites, etc.), cookies, cached account names/passwords, other auto-fill form info, personal email
- Corporate (important to your company): product road maps, product schematics, design documents, customer and supplier info, email, employee records, consumer data, source code
- What about on a drive in a data center? All of the above and possibly way more.
Cost: Is this really something to worry about?
- IBM estimates that 50,000 drives are retired from data centers daily [1]
- 90% of drives returned for warranty contain readable data [1]
- Companies are generating more data, accessed by or stored on more devices
- Data loss is expensive:
  - Data breaches cost more than $6M on average per incident [2]
  - Lost/stolen laptops and mobile data-bearing devices cost $258 per record [2] (20% more per record than a general data breach)
  - Average consumer out-of-pocket cost due to identity fraud increased to $631 per incident [3]

[1] http://www.redbooks.ibm.com/abstracts/tips0761.html
[2] 2010 Annual Cost of a Data Breach: US Study, Ponemon Institute (sponsored by Symantec), March 2011
[3] http://bucks.blogs.nytimes.com/2011/02/09/the-rising-cost-of-identity-theft-for-consumers/
End of Life: Cryptographic Erase
What do you do about the stuff when you're done with it?
- Overwrite
- Degauss
- Physical destruction
SEDs provide for near-instantaneous cryptographic erase:
- Destroying the media encryption key makes the encrypted data unrecoverable
- Near instantaneous
- Can affect retired or otherwise unreachable portions of the storage device
In the time it takes to process this slide, the information on eight 3.0TB hard drives could have been cryptographically erased.
Standards
- Storage Interfaces: INCITS Technical Committees
  - T10: SCSI Storage Interfaces
  - T13: AT Attachment (ATA)
- Security Subsystem Management: Trusted Computing Group Specifications
  - Trusted Storage Core Specification
  - Storage Interface Interactions
  - Opal SSC
  - Enterprise SSC
- Security Assurance: Federal Information Processing Standards (FIPS)
  - FIPS 197: Advanced Encryption Standard
  - FIPS 140-2: Security Requirements for Cryptographic Modules
Benefits of Standards
- Simplifies procurement: cross-vendor compatibility, standard interface
- Simplifies software development: common capabilities, common interface
- Assurance of security capabilities: NIST/FIPS validated security functionality

"Standardization is the process of developing and implementing technical standards. The goals of standardization can be to help with compatibility, interoperability, safety, repeatability, or quality." - Wikipedia, Standardization
TCG Storage Specifications
- General documents: Core Spec, SIIS (T10 (SCSI), T10 (ATA))
- Specific documents: Opal SSC, Enterprise SSC
- Supporting documents: Opal App Note, Enterprise App Note
SSC Overviews
Opal
- Main motivation: provide a solution to address current market needs:
  - Stolen/lost laptop data leakage
  - End of life / disposal
- Features:
  - Simple PIN-based authentication
  - Provide encryption and locking
  - Pre-OS boot authentication mechanisms
Enterprise
- Main motivation: provide a solution to address current market needs:
  - Minimize the time to bring devices online in a data center environment
  - Protect confidentiality of stored user data after the device leaves the owner's control
  - End of life / disposal
- Features:
  - Simple PIN-based authentication
  - Provide encryption and locking
FIPS 140-2: Government Grade Security
- Joint effort between NIST & CSEC
- FIPS 140-2 is the current standard
- Segmented into 4 levels (Level 2 is tamper-evident physical security)
- Accepted by federal agencies for the protection of sensitive information
- Cryptography must be FIPS validated: unvalidated cryptography is viewed as no protection (plain text) by federal agencies
What are the Benefits of FIPS?
- Generates new business opportunity / expanded markets: government, health care, finance, etc.
- Product testing conducted in a rigorous & standard manner
- Accepted / validated cryptographic algorithms & best security practices
Benefits of Standards (Revisited)
- Simplifies procurement: cross-vendor compatibility, standard interface
- Simplifies software development: common capabilities, common interface
- Assurance of security capabilities: NIST/FIPS validated security functionality

"Standardization is the process of developing and implementing technical standards. The goals of standardization can be to help with compatibility, interoperability, safety, repeatability, or quality." - Wikipedia, Standardization
IT Deployment
1. Drive is manufactured (and encrypting from the factory)
2. Ships to OEM; OEM configures system
3. Ships to end user
4. IT installs corporate OS image
5. IT installs security management software*
   - Software detects Opal SED
   - Software installation activates SED functionality
   - Software installs MBR shadow (pre-OS boot authentication)
   - Software configures authentication and locking ranges, including SW-managed TPM integration
SECURITY IS NOW ENABLED
- DRIVE WILL LOCK ON POWER LOSS
- IF THE DRIVE IS STOLEN, THE DATA IS PROTECTED
- AT END OF LIFE, DRIVE CAN BE REPURPOSED WITH SECURE ERASE
*This could be part of the OS, rather than a separate software application
In the Data Center
1. Drive is manufactured (and encrypting from the factory)
2. Ships to OEM; OEM integrates into SED management storage system
3. Ships to customer
4. SysAdmin installs new volume / storage system in data center
5. SysAdmin initializes new system (authentication key, locking configurations)
SECURITY IS NOW ENABLED
- DRIVE WILL LOCK ON POWER LOSS
- IF THE DRIVE IS LOST OR STOLEN, THE DATA IS PROTECTED
- AT END OF LIFE, DRIVE CAN BE REPURPOSED WITH SECURE ERASE
End of Life (Revisited)
Need to easily refurbish / repurpose drives?
Solution: Cryptographic Erase
- Performs Instant Secure Erase
- Authentication keys return to default settings
Benefits
- Instantaneous erase for secure disposal
- Instantaneous global reset to repurpose drive to default settings
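The lock/unlock model from the "What is SED?" slide and the cryptographic erase from the two End of Life slides, as an added Python simulation (not Seagate's, TCG's, or any drive's real firmware): HMAC-SHA256 in counter mode stands in for the drive's AES engine, PBKDF2 plus an XOR wrap stand in for the drive's internal credential handling, and DEFAULT_PIN is a constructed placeholder for the factory credential. It shows that locking is just forgetting the unwrapped media encryption key (MEK), and that after crypto_erase the ciphertext still present on the media cannot be recovered even by an authenticated reader.

```python
import hashlib
import hmac
import os

DEFAULT_PIN = b"factory-default-pin"  # constructed placeholder for the factory credential

_xor = lambda a, b: bytes(x ^ y for x, y in zip(a, b))

class SelfEncryptingDrive:
    def __init__(self):
        self._media = {}            # LBA -> ciphertext: what an image of the platters would contain
        self._mek = os.urandom(32)  # media encryption key, generated inside the drive, never exported
        self._session_key = None    # unwrapped MEK, held only while the drive is unlocked
        self._wrap(DEFAULT_PIN)
    def _kek(self, pin):            # PIN -> key-encrypting key (stand-in for the drive's credential logic)
        return hashlib.pbkdf2_hmac("sha256", pin, self._salt, 100_000)
    def _wrap(self, pin):           # MEK wrapped under the KEK: XOR of two 32-byte keys (stand-in for AES key wrap)
        self._salt = os.urandom(16)
        self._wrapped_mek = _xor(self._mek, self._kek(pin))
        self._check = hmac.new(self._mek, b"mek-check", hashlib.sha256).digest()
    def _require_unlocked(self):
        if self._session_key is None:
            raise PermissionError("drive is locked")
    def set_pin(self, pin):         # change the credential: only the wrapping changes, the MEK does not
        self._require_unlocked()
        self._wrap(pin)
    def power_off(self):            # locking is simply forgetting the unwrapped MEK
        self._session_key = None
    def unlock(self, pin):
        candidate = _xor(self._wrapped_mek, self._kek(pin))
        tag = hmac.new(candidate, b"mek-check", hashlib.sha256).digest()
        if not hmac.compare_digest(tag, self._check):
            raise PermissionError("authentication failed")
        self._session_key = candidate
    def _keystream(self, lba, n):   # HMAC-SHA256 in counter mode keyed by the MEK (stand-in for the AES engine)
        nonce = lambda i: lba.to_bytes(8, "big") + i.to_bytes(4, "big")
        return b"".join(hmac.new(self._session_key, nonce(i), hashlib.sha256).digest()
                        for i in range(0, n, 32))[:n]
    def write(self, lba, plaintext):
        self._require_unlocked()
        self._media[lba] = _xor(plaintext, self._keystream(lba, len(plaintext)))
    def read(self, lba):
        self._require_unlocked()
        return _xor(self._media[lba], self._keystream(lba, len(self._media[lba])))
    def raw_media(self, lba):       # bypasses the engine: what reading the platters directly returns
        return self._media[lba]
    def crypto_erase(self):         # Instant Secure Erase: new MEK, default PIN, old ciphertext left in place
        self._mek = os.urandom(32)
        self._session_key = None
        self._wrap(DEFAULT_PIN)
```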
Conclusion
- Standardized solutions: interoperable, scalable, transparent
- Multiple vendor support (hardware and software)
- Ease of integration
- IT policy: all future drive purchases to be SEDs
- Protect data throughout the storage device life cycle
- Reduce disposal costs
Questions?
Thank You! Thanks to contributors and attendees!