Seagate 10K.3 - Savvio 300 GB Hard Drive Brochure
Self-encrypting drives for servers, nas and san arrays
Hide thumbs
Also See for 10K.3 - Savvio 300 GB Hard Drive:
- Product manual (78 pages) ,
- Datasheet (2 pages) ,
- Product overview (2 pages)
Advertisement
Quick Links
Technology Paper
Self-Encrypting Drives for
Servers, NAS and SAN Arrays
Overview
This paper discusses the challenge of securing data on hard
drives that will inevitably leave the owner's control. It introduces
Self-Encrypting Drives (SED), which may be used in two ways: to
provide instant secure erase (cryptographic erase or making the
data no longer readable), and to enable auto-locking to secure
active data if a drive is misplaced or stolen from a system while in
use. Two appendices then follow: The first compares SEDs to other
encryption technologies used to secure drive data. The second
provides detailed analysis of instant secure erase and auto-lock
SED technology, explaining how SEDs are used in servers, NAS and
SAN arrays, virtualized environments, RAIDs, JBODs and discrete
drives.
Introduction
When hard drives are retired and moved outside the physically
protected data center into the hands of others, the data on those
drives is put at significant risk. IT departments routinely retire drives
for a variety of reasons, including:
Returning drives for warranty, repair or expired lease agreements
•
Removal and disposal of drives
•
Repurposing drives for other storage duties
•
Nearly all drives eventually leave the data center and their owners'
control; Seagate estimates that 50,000 drives are retired from data
centers daily. Corporate data resides on such drives, and when
most leave the data center, the data they contain is still readable.
Even data that has been striped across many drives in a RAID array
is vulnerable to data theft, because just a typical single stripe in
today's high-capacity arrays is large enough to expose hundreds of
names and social security numbers.
Advertisement
Subscribe to Our Youtube Channel
Related Manuals for Seagate 10K.3 - Savvio 300 GB Hard Drive
Summary of Contents for Seagate 10K.3 - Savvio 300 GB Hard Drive
- Page 1 • Nearly all drives eventually leave the data center and their owners’ control; Seagate estimates that 50,000 drives are retired from data centers daily. Corporate data resides on such drives, and when most leave the data center, the data they contain is still readable.
- Page 2 Self-Encrypting Drives for Servers, NAS and SAN Arrays Drive Control Headaches and Disposal Costs With these shortcomings in mind, it’s no surprise that an IBM study found that 90 percent of the In an effort to avoid data breaches and the drives returned to IBM were still readable.
- Page 3 (A more detailed explanation of how secure erase storage (as well as other security applications). works appears in Appendix A.) IBM, LSI and Seagate will support the Key Management Interoperability Protocol submitted Self-Encrypting Drives reduce IT operating to OASIS for advancement through their open expenses by freeing IT from both drive control standards process.
- Page 4 Self-Encrypting Drives for Servers, NAS and SAN Arrays Using Self-Encrypting Drives merely for instant approach has an a fundamental flaw: Rather than secure erase provides an extremely efficient and increasing security, it actually decreases security effective means to help securely retire a drive. and increases complexity by exposing encryption But using SEDs in auto-lock mode provides even keys that are long-lived keys, while exposing large...
- Page 5 Self-Encrypting Drives for Servers, NAS and SAN Arrays Figure 1. Several years ago, before Seagate began working Optimum Storage Efficiency: Unlike some • on drive encryption, the United States National encryption technologies, SED enables data Security Agency (NSA) analyzed the problem of...
- Page 6 Self-Encrypting because the encryption key never leaves the Drives into their solutions, and Seagate is rapidly drive, lessening concerns about being unable to introducing SEDs across its entire portfolio decrypt one’s own data.
-
Page 7: Appendix A: Self-Encrypting Drive Technology
Self-Encrypting Drives for Servers, NAS and SAN Arrays Appendix A: Self-Encrypting Drive Technology SED technology greatly simplifies repurposing of the drive and disposal. An owner wishing to Newly-Acquired Self-Encrypting Drives repurpose a drive simply performs a key erase to replace the encryption key. The drive deletes Each Self-Encrypting Drive (SED) randomly the encryption key and replaces it with a new generates an encryption key in the factory that is... - Page 8 Tivoli Key Lifecycle Manager operates on system that passes these authentication keys to z/OS, i5/OS, AIX, Linux, HP-UX, Sun Solaris and the correct drive (see Figure 3). Seagate, IBM and Windows operating systems, and is designed LSI have collaboratively worked to bring together...
- Page 9 Self-Encrypting Drives for Servers, NAS and SAN Arrays Ultimately this technology applies across the entire data center, as shown in Figure 4. Self- Encrypting Drives may be in storage arrays, on SANs, NAS and servers, and in data centers, branch offices and small businesses. A unified key management service will support the key management requirements for all forms of storage (as well as other security applications).
- Page 10 Self-Encrypting Drives for Servers, NAS and SAN Arrays 1. Authentication The following describes the steps that occur during the authentication process of a previously The storage system gets the authentication key • secured drive (see Figure 5): from the key management service and sends it to the correct locked drive.
-
Page 11: Appendix B: Comparing Technologies For Securing Data On Hard Drives
Self-Encrypting Drives for Servers, NAS and SAN Arrays Appendix B: Comparing Technologies for Securing Data on Hard Drives There is no one comprehensive encryption approach that covers all threats to data at rest. There are cost, interoperability, performance and latency issues to consider with each approach, thus care must be taken when choosing where to encrypt. - Page 12 “cold-boot” attack. Finally, to further minimize vulnerability to attack, Seagate has put no security back doors in the SED.
- Page 13 The world’s top six hard drive vendors (Fujitsu, when it can be easily copied from a protected Hitachi, Samsung, Seagate, Toshiba and Western source to an unprotected destination. Reducing Digital) collaborated to develop the final enterprise...
- Page 14 Self-Encrypting Drives for Servers, NAS and SAN Arrays Data-in-Motion Secured Physically or with As a result, self-encrypting storage is expected to be available across all end points, including such Session Encryption diverse devices as: The vast majority of data in motion moving over Servers, SANs, NAS arrays (virtualized or not), the wire downstream of the file system, whether •...
- Page 15 Copyright © 2009 Seagate Technology LLC. All rights reserved. Printed in USA. Seagate, Seagate Technology and the Wave logo are registered trademarks of Seagate Technology LLC in the United States and/or other countries. Momentus is either a trademarks or registered trademark of Seagate Technology LLC or one of its affiliated companies in the United States and/or other countries. All other trademarks or registered trademarks are the property of their...
Need help?
Do you have a question about the 10K.3 - Savvio 300 GB Hard Drive and is the answer not in the manual?
Questions and answers