Toshiba Wednesday unveiled its first family of self-encrypting hard disk drives (HDDs) that can also erase data when connected to an unknown host.
The new Toshiba Self-Encrypting Drives (SED) (models MKxx61GSYG) enable system manufacturers to configure different data invalidation options that align with various end-user scenarios.
The new 2.5-in, 7,200 rpm drives are targeted for use in PCs, copiers and multi-function printers, along with point-of-sale systems used in government, financial, medical, or similar environments that need to protect sensitive information.
The drives come in capacities ranging from 160GB to 640GB, and have 16MB of buffer memory, and use the serial ATA (SATA) 2.0 specification, which affords up to 3Gbit/sec throughput.
When initially powered up, Toshiba's new SED HDDs and their host perform an authentication process. If the authentication fails, the drive can be configured to simply deny access or perform cryptographic erase on specified blocks of data. Cryptographic erase is the process by which keys that allow a system to decrypt data are deleted, leaving the data permanently encrypted and unreadable.
The new HDDs use the AES 256-bit encryption algorithm to protect data at rest, and a proprietary data wipe technology that's enabled by the Opal Storage Specification from the Trusted Computing Group. The Opal Storage Specification allows the creation of authentication policy so that devices can determine trusted platform hosts.
"Digital systems vendors recognize the need to help their customers protect sensitive data from leakage or theft. Toshiba's security technologies provide designers of copiers, printers, PCs, and other systems with new capabilities to help address these important security concerns," said Scott Wright, a product manager in Toshiba's Storage Device Division, said in a statement.
In an email response to a Computerworld request for comment, Wright said Toshiba's technology allows multiple ways that data can be invalidated.
- Wipe 0: Standard ATA Security and TCG-Opal data invalidation command protocol
- Wipe 1: Protected data ranges invalidated at every power cycle
- Wipe 2: Protected data ranges invalidated if an uncertified host is connected
- Wipe 3: Protected data ranges invalidated if drive receives multiple invalid Unlock commands
When asked what might happen if a host motherboard failed, Wright said Wipe 1 would not be the ideal setting for data protection.
"Similarly, Wipe 2 or 3 could present challenges but ... the drive could be recovered with the use of administrator credentials. This, however, does bring to mind the importance of having a back-up of your data, as there is the possibility of drive failure (even if we dont like to think of that occurring) in addition to other hardware failures or power interruptions," he said.
In a hypothetical situation where law enforcement investigating a crime might want to access data on the new SED drives, a public safety organization could subpoena the contents of the drive, "which would require that administrator certificates be provided that would allow the contents of the drive to be produced," Wright said.
Otherwise, the data would be unaccessible.
Toshiba's data invalidation attributes can be set for multiple data ranges, enabling targeted data in the drive to be rendered indecipherable by command, on power cycle, or on host authentication error, what Toshiba described as "an industry first."
"This flexibility provides systems designers with a powerful set of data security options that can be easily incorporated into existing system architecture," the company stated.
Customer sampling and volume production of the new SEDs will begin in the second quarter focused on designated system manufacturers and independent software vendors so they can integrate the latest data wipe technology features.
Lucas Mearian covers storage, disaster recovery and business continuity, financial services infrastructure and health care IT for Computerworld. Follow Lucas on Twitter at @lucasmearian, or subscribe to Lucas's RSS feed . His e-mail address is firstname.lastname@example.org.