You will be prompted for the location to store the file and the pass phrase used to create or
change the existing security key file, as shown in Figure 5-14. The DS5000 Disk Encryption
Manager uses the pass phrase to encrypt the security key before it exports the security key to
the security key backup file.
Figure 5-14 Save Security Key File window
5.4.3 Secure erase
Secure erase provides a higher level of data erasure than other traditional methods. When
you initiate secure erase with the DS5000 Disk Encryption Manager, a command is sent to
the FDE drive to perform a "cryptographic erase". This erases the existing data encryption key
and then generates a new encryption key inside the drive, making it impossible to decrypt the
data. Drive security becomes disabled and must be re-enabled if it is required again.
273
Chapter 5. Disk Security with Full Disk Encryption drives