Seagate builds in security controls to hard drives

 

Gallery

By Guy Matthews - IT PRO

Posted on 2 Nov 2006 at 11:30

Storage hardware maker Seagate has taken the wraps off its DriveTrust, technology which it claims will protect data at the hardware level of the hard drive.

A drive protected by DriveTrust will require anyone accessing it to de-encrypt its data with a password or key. Without a password, a hard drive would be useless, says the manufacturer.

Seagate says its new technology differs from most information security which either sets up a firewall around networks or encrypts data at file or operating system level.

Locking up the actual drive where the data sits is a major innovation which will become an industry standard copied by other vendors, claims Seagate.

If it delivers what Seagate claims, DriveTrust could help to end the steady stream of headlines about lost laptops yielding up critical data to hackers and thieves. Sensitive corporate and government data has regularly ended up in the public domain, for instance forcing the authorities to change plans for last month's Labour Party conference at the last minute after an unsecured computer was taken from a parked car.

"A single incident of data theft can have an enormous effect on a company through financial and legal costs, negative publicity and customer defections," said Scott Shimomura of Seagate's global product marketing team. "Compliance with legislation depends on technologies like encryption as a way to help mitigate these risks."

Securing data on the hard drive is an innovative yet commonsense approach that could well simplify data security, says Charles Kolodgy, research director of security products for analyst group IDC. "As storage and security converge, solutions like Seagate's DriveTrust Technology are providing organizations with the easy-to-use security they need to protect their data assets," he added.

Seagate is reportedly considering allowing other storage companies to integrate DriveTrust into their own lines, whilst it offers development tool sets so that third parties can create additional security layers for the technology.