Laptop computers are quickly becoming standard-issue equipment for enterprise workforces across the globe, but the productivity gained from this added mobility comes at a price: increased exposure to theft, loss and damage.
Luckily, IT managers seeking to safeguard mobile data have a growing number of options at their disposal.
One such option is Seagates fully encrypted Momentus FDE.2. On March 12, Seagate began shipping the drive to ASI Computer Technologies to be used in notebook PCs with hardened security. ASI is a hardware component distributor catering to white-box system integrators and is using the disks in machines branded for sale under the integrators names.
The Momentus FDE.2 employs a dedicated ASIC to process the drives AES 128-bit encryption on the fly. This enables SATA 1.5G bps transfer speeds on the 5,400rpm drive while minimizing load on a host machines CPU. The drives will come in 80, 120 and 160GB capacities.
Seagate officials claim that the Momentus FDE.2s native hardware-based encryption gives it a performance edge over software-based encryption programs such as Microsoft Windows Vistas BitLocker and TrueCrypt, an open-source encryption application.
IT managers will be glad to know that Seagates hardware-based encryption is always turned on and, perhaps more importantly, users cannot turn it off. After all, no security scheme is effective without consistent application in the field. Moreover, full disk encryption relieves the burden on users to remember to save sensitive files to specific folders or volumes on the drive.
To complete the circle of trust, ASI has incorporated Wave Systems Embassy Trust Suite management tools. Waves software handles management of keys and passwords, TPMs (trusted platform modules) and authentication with biometric, smart card and Windows domain logins.
According to Lark Allen, Wave Systems executive vice president of corporate development, Wave has licensed software to most TPM chip manufacturers, and the companys Embassy software suite supports all existing TPMs. However, the current version does not support single sign-on. Therefore, users logging in with a fingerprint scan will be prompted for a password when starting up their systems and each time after the hard drive is power cycled.
Wave officials indicated that they would be working with OEMs and BIOS vendors to add that functionality in the future.
IT administrators can also access Seagates DriveTrust security features built into the Momentus firmware with Waves Embassy software. For example, the Momentus can store login and password pairs for as many as four users and four administrators. Regular user privileges are limited to log-in and password changes.
Administrators can add or remove users, assign recovery passwords and perform the “crypto erase” function to quickly and safely repurpose or retire disks storing sensitive data.
Seagate also will also begin shipping this month its second generation of high-performance 2.5-inch notebook hard drives. The turbocharged 7,200rpm Momentus disks will feature perpendicular recording technology, a 3G bps SATA interface and Seagates optional G-Force protection.
Already available on Seagates Barracuda and Cheetah product lines, G-Force technology bolsters resistance to damage of the drives delicate platters, heads and spindle motors from nonoperational shock.
Similarly, Dells StrikeZone technology, available on select models from its Latitude and Precision lines, uses specialized damping materials to cushion notebook hard drives and make them more durable.
Lenovo and Toshiba take a more active approach to this problem, utilizing motion sensors to detect impacts and sudden motions. When detected, hard drives are temporarily parked to protect the head and platter in a fall.
Lenovo offers this feature, called the Active Protection System, on select ThinkPad models. Toshibas version, dubbed HDD Protection, is available on a number of Toshibas Portege and Tecra laptops.
Technical Analyst Victor Loh can be reached at [email protected]