Toshiba introduced a new hard disk drive family with 256-bit AES encryption and a proprietary data-wipe technology.
Toshiba unveiled a new
family of hard disk drives with a security twist: They are self-encrypting.
There have been several
incidents where a laptop
or stolen, and sensitive information was exposed because the data
was not encrypted. With these Toshiba drives, IT departments know all the data
stored on those systems are automatically secured.
The MKx61GSYG line of
self-encrypting hard drives will automatically store data using the 256-bit AES
encryption and prevent the data from being accessed if the drive is used inside
an unfamiliar computer, Toshiba said April 12. The drives can be configured
with invalidation attributes to scramble or deny access to protected data,
depending on specific use cases.
The 2.5-inch two-platter 7,200
rpm drives will use the 3G bps Serial ATA II interface and have 16MB of buffer
memory. The drives will be available in 160GB, 250GB, 320GB, 500GB and 640GB
The drives are intended for
professional use where there are specific privacy and data-security concerns.
The self-encrypting drives can be used in copiers, multi-function printers and
point-of-sale systems. They can be used in government, financial, medical and
other environments where there is a lot of sensitive information.
vendors recognize the need to help their customers protect sensitive data from
leakage or theft," said Scott Wright, a product manager in Toshiba's
storage device division.
When a system containing the
SED HDD turns on, the hard disk drive attempts to authenticate with the host.
The drive can be configured to deny any access to the drive if the host is not
recognized, regardless of whether that's because of a system failure or because
the drive has been moved to new hardware. There is also an option to configure
the drive to perform a cryptographic erase on certain sections of the data to
delete the keys needed for decryption. Once those keys are removed, the saved
information is permanently encrypted and unreadable even if the drive is added
back to the original system.
Toshiba's data invalidation
attributes can be set for various scenarios, including a user entering the data
invalidation command, when the SED is installed into unknown hardware, and
every time the system is power-cycled. Too many invalid unlock commands will
also cause the drive to lock up and invalidate the data, Toshiba said. The
company called the ability to offer multiple data-security options an "industry
The range of
data-wipe-configurations gives designers a choice in security options that can
be easily incorporated into existing hardware.
The proprietary second-generation
data-wipe technology was designed according to the Trusted Computing Group
"Opal" storage specification. Opal allows devices to create authentication
policies to determine which hosts are trusted.
Organizations can use the
MKxx61GSYG drives to protect against data loss resulting from lost or stolen
notebooks. They can also use the drives within copier and printer systems so
that the images of potential confidential documents are not readily accessible
to anyone trying to steal them.
The drives will be
distributed later this quarter to select system manufacturers and independent
software vendors so that they can integrate the data-wipe technology features,
according to Toshiba.