With recent changes to data protection laws, the data protection landscape is rapidly changing in scope, breadth and depth. Data protection is no longer simply a part of risk management, but also governance and compliance – meaning organizations today must keep up with all that is happening in the world of data protection.
The permanent physical loss of key information such as customer account information could have a severe negative impact on a business and bring about huge penalties and legal costs. The loss of confidentiality of information through a data breach can carry high security threats and put businesses of all sizes at risk. With such high security risks and huge penalties at stake, the protection of electronically stored information – in all its different expressions – should be at the forefront of any business.
As data and business processes evolve with technological advances, enterprises are actively examining how to improve the data protection function from the perspectives of people, processes and technology. In order to select the right data protection technology, the business needs to understand the overall data protection infrastructure portfolio into which individual data protection technologies should fit.
The growing advantages of hardware-based encryption
The disadvantages of software-based encryption have become increasingly apparent in the industry over the years. In software encryption, there are more possible attack vectors that can lead, among others, to the ability for a hacker to crack the password. Software encryption tools also share the processing of your computer, which can cause the whole machine to slow down as data is encrypted/decrypted.
Despite the apparent disadvantages of software-based encryption, some users remain unaware of the potential to solve these problems with hardware-based encryption. Through an industry-wide, open specification for hardware-based Self Encrypting Drives (SEDs), e.g., Opal Family Specifications, developed by Trusted Computing Group (TCG), the issues caused by software-based encryption are being addressed and the reasons for using a SED continue to grow.
Compared to software-based encryption, hardware-based encryption built into a drive offers simplified management, interoperability among drives from different vendors and most importantly no performance impact. In fact, using a SED is much more cost-effective than buying higher performance main laptop processors when software Full-Disk Encryption (FDE) is used. SEDs integrate to systems and image the same as non-encrypting drives, with no initial encryption necessary, nor re-encryption when drives are re-imaged.
SEDs and TPMs – the perfect match for future security threats
Strong user authentication is critical for better security. With a SED, access to the platform is based on secure authorization from the SED and not by the software that can be fooled into allowing unauthorized access to data. Mixing hardware-based encryption with Trusted Platform Modules (TPMs) can provide even stronger security benefits. Through combining hardware-based technologies like SEDs with TPMs, enterprises add another layer of security to their systems, ensuring the possibility of any loss of data is drastically reduced.
Hardware-based encryption brings a lot of necessary advantages including compliance, stronger security, integrated authentication and low total cost of ownership with an additional benefit of rapid data destruction or crypto-erase. While these convincing reasons remain valid, additional security scenarios provide even more compelling justification for organizations.
With ever-increasing data demands and the potential for new security threats in the future, corporations are investing in the technology to futureproof their business processes. New approaches such as SEDs, give corporations a way to obtain improved security without the shortcomings of software-based encryption. Once potential users correctly and completely understand the capabilities of SEDs and the misconceptions are corrected as well, the increasing availability of SED options will provide the solution to cope with data security threats both now and long into the future.
Written by By TCG Storage Workgroup.
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
comments powered by Disqus