Self-Encrypting Drives for Data Protection: The Industry s First Forecast with Thoughts on Usage

Similar documents
Solid Security: The Rise of Self-Encrypting. Solid State Drives. Thomas Coughlin

Self Encrypting Drive Market & Technology Report

Self Encrypting Drive Market & Technology Report

2011 Self Encrypting Drive Market and Technology Report

WD to Acquire HGST for $4.3 B

Two May Be Better Than One: Why Hard Disk Drives and Flash Belong Together. February 2011

2015 Survey Summary for Storage in Professional Media and Entertainment

Collaborative Workflows Benefit from Cloud Storage

FDE Performance Comparison. Hardware Versus Software Full Drive Encryption

Full Drive Encryption with Samsung Solid State Drives

esata: A New Storage Paradigm (Survey and Report)

New Drive Technologies Enable Strong Data Protection Strategies: Managing Self-Encrypting Drives in the Enterprise

Data Security Using TCG Self-Encrypting Drive Technology

Trusted Computing Basics: Self-Encrypting Drives

Factory-Installed, Standards-Based Hardware Security. Steven K. Sprague President & CEO, Wave Systems Corp.

A Comprehensive Plan to Simplify Endpoint Encryption

Personal Content and Home Network Storage, the Perfect Storm

Why Hybrid Storage Strategies Give the Best Bang for the Buck

Technical Note. Installing Micron SEDs in Windows 8 and 10. Introduction. TN-FD-28: Installing Micron SEDs in Windows 8 and 10.

How Cloud Computing Can Accelerate Endpoint Encryption:

Table of Contents HDD/CD/DVD

Data Storage Trends and Directions

Total Cost of Solid State Storage Ownership

WHITEPAPER It s Time to Move Your Critical Data to SSDs

Enterprise Flash vs. HDD Projections

Protecting Your Business from Costly Data Theft: Why Hardware-Based Encryption Is the Answer

Intel Rapid Start Technology (FFS) Guide

Solid-State Drives with Self-Encryption: Solidly Secure

1. System Requirements

256-bit AES HARDWARE ENCRYPTED SOLID STATE DRIVES

S E A h a w k C r y p t o M i l l CryptoMill Technologies Ltd.

An Overview of Flash Storage for Databases

Solid State Drives (SSD) with Self Encryption: Solidly Secure Michael Willett Storage Security Strategist Independent Consultant

Reliability and Recovery: How Can We Make Better Storage Devices?

256-bit AES HARDWARE ENCRYPTED SOLID STATE DRIVES

FISCAL Q SUPPLEMENTAL FINANCIAL INFORMATION

Native PCIe SSD Controllers A Next-Generation Enterprise Architecture For Scalable I/O Performace

W H I T E P A P E R E v a l u a t i n g t h e S S D T o t a l C o s t o f O w n e r s h i p

Year 95mm Mainstream Capacity Per Platter

Embedded Operating Systems in a Point of Sale Environment. White Paper

Keep Your Data Secure: Fighting Back With Flash

Disk Encryption. Aaron Howard IT Security Office

Memoright SSDs: The End of Hard Drives?

256-bit AES HARDWARE ENCRYPTED PRODUCT RANGE

QUESTIONS & ANSWERS. ItB tender 72-09: IT Equipment. Elections Project

Full Disk Encryption Drives & Management Software. The Ultimate Security Solution For Data At Rest

Major upgrade versions. To see which features each version of Windows 7 has, go to Microsoft's Compare Windows page.

AuditMatic Enterprise Edition Installation Specifications

HP 80 GB, 128 GB, and 160 GB Solid State Drives for HP Business Desktop PCs Overview. HP 128 GB Solid State Drive (SSD)

Hypervisor-based Background Encryption

HP Z Turbo Drive PCIe SSD

Data Storage At the Heart of any Information System. Ken Claffey, VP/GM - June 2015

Perceptions about Self-Encrypting Drives: A Study of IT Practitioners

SSDs tend to be more rugged than hard drives with respect to shock and vibration because SSDs have no moving parts.

QuickSpecs. PCIe Solid State Drives for HP Workstations

HP 80 GB, 128 GB, and 160 GB Solid State Drives for HP Business Desktop PCs Overview. HP 128 GB Solid State Drive (SSD)

256-bit AES HARDWARE ENCRYPTED PRODUCT RANGE

The Evolving Role of Flash in Memory Subsystems. Greg Komoto Intel Corporation Flash Memory Group

Vormetric and SanDisk : Encryption-at-Rest for Active Data Sets

ECONOMY WORKING DAYS STANDARD 3-8 WORKING DAYS

How To Improve Write Speed On An Nand Flash Memory Flash Drive

Dualog Connection Suite Hardware and Software Requirements

STANDARD 3-8 WORKING DAYS

Microsoft Office 2010 system requirements

INTRODUCTION TO WINDOWS 7

Hard Disk Drive vs. Kingston SSDNow V+ 200 Series 240GB: Comparative Test

SUPERTALENT PCI EXPRESS RAIDDRIVE PERFORMANCE WHITEPAPER

Best Practices for Deploying SSDs in a Microsoft SQL Server 2008 OLTP Environment with Dell EqualLogic PS-Series Arrays

Advances in Storage Security Standards Jason Cox Intel Corporation

Enforce AD RMS Policies for PDF documents in SharePoint Environments Enforce AD RMS Policies for PDF documents in Exchange Environments...

How A V3 Appliance Employs Superior VDI Architecture to Reduce Latency and Increase Performance

Opal SSDs Integrated with TPMs

Security for Disk Drive Data at Rest Disk Drive Opportunities?

Introducing Intel Small Business Advantage

HP Personal Workstations Step-By- Step Instructions for Upgrading Windows Vista or Windows XP Systems to Windows 7

Solid State Drives (SSDs)

Cisco Unified CallConnector for Microsoft Windows

How To Understand The Trends In Digital Home Storage

Origin Storage Limited. Company Profile

SSD Old System vs HDD New

Storage Architecture in XProtect Corporate

Only 8% of corporate laptop data is actually backed up to corporate servers. Pixius Advantage Outsourcing Managed Services

Slide Set 8. for ENCM 369 Winter 2015 Lecture Section 01. Steve Norman, PhD, PEng

Scaling from Datacenter to Client

Cloud Voice Service Cloud Communicator User Guide. (Version 1.0)

About Parallels Desktop 10 for Mac

This page is a hidden page. To keep from printing this page, uncheck the checkbox for printing invisible pages in the printing dialog box.

QuickSpecs. HP Solid State Drives (SSDs) for Workstations. Overview

SSDs tend to be more rugged than hard drives with respect to shock and vibration because SSDs have no moving parts.

Cisco Unified CallConnector for Microsoft Windows

Self-Encrypting Drives

V300 Benchmark Brief. Overview of Consumer SSD Offering. HyperX: Designed for enthusiasts and gamers, HyperX 3K SSD is Kingston s fastest SSD product.

Sage CRM Technical Specification

Gain Complete Data Protection with SanDisk Self-Encrypting SSDs and Wave Systems

Flash Memory Technology in Enterprise Storage

Getting the Most Out of VMware Mirage with Hitachi Unified Storage and Hitachi NAS Platform WHITE PAPER

Getting the Most Out of Flash Storage

Outline. CS 245: Database System Principles. Notes 02: Hardware. Hardware DBMS Data Storage

USB 3.0 to 2.5" SATA HDD/SSD Mini Docking Quick Installation Guide

Sophos SafeGuard Disk Encryption, Sophos SafeGuard Easy Demo guide

Transcription:

Self-Encrypting Drives for Data Protection: The Industry s First Forecast with Thoughts on Usage Brian Berger, Director, Trusted Computing Group Tom Coughlin, President, Coughlin Associates Copyright Coughlin Associates and Trusted Computing Group 1

Welcome and Introduction Self-encrypting hard disk drives were initially introduced in 2007. These initial products were called Full Disk Encryption (FDE) drives. FDE drives were introduced by Seagate in advance of a SED standard from the Trusted Computing Group (TCG), a consortium of HDD, SDD, electronics, OEM, software and other interested companies whose Storage Work Group was tasked with creating universal standards for storage devices with internal hardware based encryption often called Hardware (HW) Encryption. Storage devices with HW encryption, where the encryption key never leaves the storage devices and where encryption and decryption of data are handled by the storage device electronics independently of the host, are called Self- Encrypting Drives or Devices (SEDs). Hardware encryption is contrasted with Software (SW) encryption which runs the encryption software and accesses the encryption keys off of the storage devices. HW encryption runs entirely on the digital storage device and the encryption key never leaves the storage device. All sorts of storage devices can be SEDs. The Trusted Computing Group has standards for internal encryption of hard disk drives, optical disc storage, as well as NAND flash storage devices such as Solid- State Drives (SSDs). In July and August 2011, in cooperation with members of the Trusted Computing Group and its Storage Work Group, Coughlin Associates conducted a survey of a number of interested parties to the use of encryption to provide security in various types of electronic equipment that use storage devices. Those interviewed included storage device suppliers (hard disk drives and solid state drives), systems OEMs, security software companies, storage controller suppliers and others. Slide2

Webcast Logistics No Sound? Check to be sure that you have dialed into the audio portion: Toll Free: +1-888-909-7654 / Toll: +1-719-785-1711 Participant Passcode: 2402551 Press *0 to reach an operator if still experiencing difficulties Questions? Pose a written question to our speaker or moderator throughout the webcast: Select the question mark icon (??) on the primary navigation bar Type your question Watch and/or listen for a response Webcast Archive Availability? Webcast to be available for viewing within 5-7 business days at: http://www.trustedcomputinggroup.org/resources/selfencrypting_drive_market_and_technology_report Slide3

Tom Coughlin, Coughlin Associates Tom Coughlin, President, Coughlin Associates is a widely respected storage analyst and consultant. He has over 30 years in the data storage industry with multiple engineering and management positions at high profile companies. Dr. Coughlin has many publications and six patents to his credit. Tom is also the author of Digital Storage in Consumer Electronics: The Essential Guide, which was published by Newnes Press. Coughlin Associates provides market and technology analysis (including reports on several digital storage technologies and applications and a newsletter) as well as Data Storage Technical Consulting services. Tom is publishes a Digital Storage in Consumer Electronics Report, a Media and Entertainment Storage Report, and a Capital Equipment and Technology Report for the Hard Disk Drive Industry. Tom is active with SMPTE, SNIA, IDEMA, the IEEE Magnetics Society, IEEE CE Society, and other professional organizations. Tom is the founder and organizer of the Annual Storage Visions Conference (www.storagevisions.com), a partner to the International Consumer Electronics Show, as well as the Creative Storage Conference (www.creativestorage.org). He is also a Senior member of the IEEE, Leader in the Gerson Lehrman Group Councils of Advisors and a member of the Consultants Network of Silicon Valley (CNSV). For more information on Tom Coughlin and his publications. go to www.tomcoughlin.com. Slide4

SELF-ENCRYPTING DRIVES FOR DATA PROTECTION: THE INDUSTRY S FIRST FORECAST WITH THOUGHTS ON USAGE Tom Coughlin, President, Coughlin Associates www.tomcoughlin.com Copyright Coughlin Associates and Trusted Computing Group 5

Outline Factors that led to slow market adoption of SEDs Factors favoring future growth of SEDs Comparison of SW and HW (SED) encryption Market Projection Methodology HDD SED Projections SSD SED Projections Conclusions References and Sources Slide6

Factors That Led to Slow Market Adoption of Self-Encrypted Storage Devices Higher costs/prices for initial SEDs, Slow corporate IT spending due to economic disruptions and uncertainty in the last few years, Lack of knowledge about the difference between HW based encrypted SEDs and SW encrypted solutions, Lack of training of OEMs and integrators on the use and advantages of SEDs, Issues limiting the use of encrypted drives in some countries, A limited initial market mainly driven by government mandates and, Until recently, a lack of common standards and a continuing lack of product certification. Slide7

Factors Favoring Future Growth of Self- Encrypted Storage Devices The approach to cost parity of SEDs to non-self-encrypting storage devices will make it easier to get these products adopted universally SEDs have no discernable encryption time (unlike SW encryption) SEDs don t have the performance overhead that SW encryption running on the host has, leading to better overall system performance SEDs may have a somewhat longer useful life than drives used in a software encrypted system (more reads and writes with SW encryption) Because the encryption key is stored on the storage device, it cannot be accessed through host hacking, like SW encryption can SEDs allow simpler storage array encryption solutions Government mandates and regulations increas the requirements for privacy and favor the use of SEDs, (esp. with FIPS 140 certification) Crypto-erase is the only effective way to make data on a SSD inaccessible Slide8

HDD Encryption Throughput Test Results (extracted from 2010 Trusted Strategies Report) No Encryption Seagate SED HDD SW Encryption Avg. SW Encryption 1 SW Encryption 2 SW Encryption 3 Start-up Throughput (MB/s) 7.9 8.0 7.7 7.9 7.8 7.5 Application Loading (MB/s) 5.9 5.7 5.5 5.6 5.5 5.4 Modest Size File Test (MB/s) 5.4 5.3 5.1 5.1 5.2 5.1 Extensive Data Read (MB/s) 80.2 82.8 38.6 46.3 35.6 33.8 Extensive Data Write (MB/s) 50.7 50.3 35.2 39.1 31.4 34.9 The software packages that were tested and compared to the Seagate SED were McAfee Endpoint Encryption for PC, version 5.2.3; PGP Whole Disk Encryption for Windows, corporate desktop version, release 9.12; and Microsoft Bitlocker, Windows Vista Ultimate, SP2. HW and SW encryption was tested using PCMark Vantage Professional edition mostly using the hard disk drive test suite. Identical 32 bit Dell Latitude E6400 laptops running Microsoft Windows Vista Ultimate, service pack 2, with Intel Core 2 Duo Processors and 2 GB of RAM were used for the comparison testing. Slide9

SSD Encryption Throughput Test Results (extracted from 2010 Trusted Strategies Report) Samsung SSD, No Encryption Samsung SSD with SW Encryption Samsung SED SSD Start-up Throughput (MB/s) 82.50 47.90 95.33 Application Loading (MB/s) 48.33 30.77 60.37 Modest Size File Test (MB/s) 41.13 26.77 50.40 Large Scale Data Read (MB/s) 178.00 70.23 169.33 Large Scale D Write (MB/s) 170.80 63.60 164.50 Random R/W (MB/s) 54.77 29.57 54.50 There was no observable performance penalty for the SEDs, in fact they performed faster than the non-encrypted drives (for some reason). SED drives (as well as the non encrypted drives) had significantly higher performance than the SW encrypted SSDs. Slide10

Encryption Throughput Test Results and Other Consequences The SED gave a 115% higher read throughput than the average of the SW encryption products and 43% higher write throughput. SEDs allow a quicker implement of an encrypted data solution than SW encryption. The lower performance overhead (and thus improved system performance) as well as elimination of any encryption time for a new storage device can offer considerable ROI advantages for SEDs (HW encryption) over SW encryption. These advantages would also scale from individual host systems to virtualization environments, making SEDs better storage devices for use in cloud storage environments where data security is important. In my interviews with OEMs and suppliers, it was mentioned that a 10-15% loss in effective life of storage devices may be a result of SW encryption vs. SED HW encryption. Slide11

Market Projection Assumptions (1) Two types of projections for given market segments and for HDDs and SSDs as a whole. The first projection will be for the growth of SED- encryption-based security adoption in terms of drive units. The second projection will be for the implementation of SED capability in drives for that market segment in terms of drive units. We call these two projections Security Adoption and SED Capability respectively. The actual modeling methodology will assume that Security adoption (the use of SED drives for encryption based security) will follow an S-shaped adoption curve. Because of some intrinsic adoption issues for encryption-based security in some geographic regions, the maximum security adoption will not be 100% of all the drives produced. Slide12

Market Projection Assumptions (2) In February 2011, Seagate announced that it had shipped more than 1 M self-encrypting HDDs into the laptop and enterprise markets. Seagate introduced their laptop SEDs in 2007 and their enterprise SEDs in 2009. Other companies that have shipped SEDs include Hitachi (announced in 2007) and Fujitsu(announced in 2008, note that Fujitsu s hard disk division is now part of Toshiba). Hitachi also announced 3.5-inch SED HDDs for desktop PCs in 2008. Toshiba announced an SED HDD in 2011 Samsung announced an SED SSD in 2011. Micron also announced an SED SSD in 2011. Western Digital has not announced shipping SED drives as of the date of this report. By the end of 2010, we estimate that a total of about 1.2 M SED HDDs shipped, mostly for laptop and some for desktop and enterprise applications. Slide13

Simplification of Bass Diffusion Model We use an equation for the cumulative fraction of adopters at time t, F(t), where p is the so-called innovation factor and q is the imitation factor. Slide14

Banded Hard Drive Volume Projections 1,800,000 1,600,000 1,400,000 High Estimate Median Estimate Low Estimate 1,200,000 1,000,000 800,000 600,000 400,000 200,000 0 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 Slide15

Projection of HDDs by Market Niches (in 1,000 s of units) 1,200,000 1,000,000 800,000 600,000 400,000 Mobile CE Desktop Enterprise ATA Enterprise 200,000 0 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 Slide16

Million Units Shipped Security Adoption for Laptop HDDs 300 250 200 High Security Laptops Mean Security Laptops Low Security Laptops 150 100 50 0 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 Slide17

Security Adoption for Enterprise HDDs Million Units Shipped 70 60 50 40 30 High Security Enterprise Mean Security Enterprise Low Security Enterprise 20 10 0 2008 2009 2010 2011 2012 2013 2014 2015 2016 Slide18

Security Adoption for Desktop HDDs Million Units Shipped 100 90 80 70 60 50 40 30 20 10 0 High Security Desktop Mean Security Desktop Low Security Desktop 2008 2009 2010 2011 2012 2013 2014 2015 2016 Slide19

Million Units Shipped Security Adoption for CE HDDs 3.0 2.5 2.0 High Security CE Mean Security CE Low Security CE 1.5 1.0 0.5 0.0 2008 2009 2010 2011 2012 2013 2014 2015 2016 Slide20

Median Security Adoption for all HDDs Market Segments Million Units Shipped 1000.00 100.00 CE Desktop Enterprise 10.00 Laptop 1.00 0.10 0.01 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 Slide21

Security Adoption SED HDD Estimates (high, median and low) Million Units Shipped 450 400 350 300 250 High Median Low 200 150 100 50 0 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 Slide22

HDD SED Conclusions It is likely that by about 2017 all HDDs will shift to SED capable units, although estimated security adoption units by 2016 (SED capable HDDs actually used or intended for data security) are about 25% of all HDDs shipped. Factors that could accelerate security adoption and SED capability in HDDs: if HDD controller makers move to incorporate SED capability into standard HDDs the shift to SED capable units could happen much quicker than this. If this happened it would also be part of a significant cost reduction for SEDs and would probably accelerate security adoption with SEDs as well. increased publicity to susceptible mid-market users, especially with increasing amounts of government privacy regulation could increase security adoption. Slide23

SSD SED Considerations SSDs by their very architecture do not know if there is unerased content in the device, unlike HDDs. Providing encrypted data on the SSD where the key is within the device allows erasing the encryption key and making the data unavailable to others a crypto-erase. This feature will be popular for many users even if they don t use the SED features on a day to day basis, since drives can be reused without fear that the data is available to a new user after the internal encryption key is erased. Slide24

Millions of Units SSD Annual Shipped Unit Projections 120 100 80 60 40 Financial and POS Servers Notebook PC Cellular Base Station Set Top Box Desktop PC Switch & Rounter Test & Measurement Process Control Military & Aerospace NAS and SAN 20 0 2009 2010 2011 2012 2013 2014 2015 Slide25

High/median/low SSD Estimates 160 140 120 100 High Median Low 80 60 40 20 0 2009 2010 2011 2012 2013 2014 2015 2016 Slide26

Million Units Shipped SSD Security Adoption Projections 25 20 15 High Estimate Mean Estimate Low Estimate 10 5 0 2009 2010 2011 2012 2013 2014 2015 2016 We project that within 2 years (by 2013) SED capability will be in over 80% of SSDs and likely in almost all SSDs within 3 years (2014). Slide27

Conclusions It is likely that by about 2017 all HDDs will shift to SED capable units, although estimated security adoption units by 2016 (SED capable HDDs actually used or intended for data security) are only 25% of all HDDs shipped. By 2016 the high, median and low estimates for security adoption for SED HDDs are 411M, 315M and 122M units. We project that within 2 years (by 2013) SED capability will be in over 80% of SSDs and likely in almost all SSDs within 3 years (2014). Although actual SSD SED feature implementation in 2016 is likely to be about 122M SSDs, the projected actual SSDs from that year used for security and data protection purposes is estimated at less than 18M units. Slide28

Sources and References Trusted Platform Module (TPM) Adoption Dynamics, IDC, 2006 Trusted Computing is Real and it s Here, Endpoint Technologies Associates, 2007 Perceptions about Self-Encrypting Drives: A Study of IT Partitioners, Ponemon Institute, 2011. Employment Size of Firms, US Census Bureau, 2008. FDE Performance Comparison: Hardware vs. Software Full Drive Encryption, Trusted Strategies, February 9, 2010. Full Drive Encryption with Samsung Solid State Drives, Trusted Strategies, November 2010. Reliably Erasing data from Flash-Based Solid State Drives, M. Wei et. al, Presented at Fast 2011 Based upon discussions with encryption and SED experts during the course of this research New Product Diffusion Models in Marketing: A Review and Direction for Research, V. Mahajan, E. Muller and F.M. Bass, Journal of Marketing, Vol. 54 (January 1990), pp 1-26. Managing technology and innovation for competitive advantage, V. K. Narayanan, 2001, Prentice Hall. Digital Storage Technology Newsletter, Coughlin Associates, July 2011. Seagate Tops 1 Million Mark in Shipments of Self-Encrypting Hard Drives for Laptop PC s and Data Center Servers, Seagate Press Release, February 14, 2011. Solid State Drives: Outlook 2010, Objective Analysis, 2010 Slide29

Questions? Trusted Computing Group www.trustedcomputinggroup.org Tel: 503.619.0562 3855 SW 153 rd Drive Beaverton, OR 97006 admin@trustedcomputinggroup.org Coughlin Associates www.tomcoughlin.com Tel: 408.978.8184 9460 Carmel Road Atascadero, CA 93422 info@tomcoughlin.com Copyright Coughlin Associates and Trusted Computing Group

More Information For a copy of the full report, Self-Encrypting Drive Market & Technology Report, please visit: Full Report: http://www.tomcoughlin.com/techpapers.htm For more information on Self-encrypting Drives and the work of the Trusted Computing Group, please visit: Executive Summary Self-Encrypting Drive Market & Technology Report: httwww.trustedcomputinggroup.org/resources/selfencrypting_drive_market_and_technology_ report SED Whitepapers: www.trustedcomputinggroup.org/resources/data_protection_and_security_issues_drive_ad option_of_widely_available_selfencrypting_drives_based_on_industry_standards www.trustedcomputinggroup.org/resources/solving_the_data_security_dilemma_with_self_ encrypting_drives Data Protection/SED Solutions: www.trustedcomputinggroup.org/solutions/data_protection Slide31

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information