The National Security Agency (NSA) has qualified Seagate Technology’s (NYSE:STX) Momentus 5400 FDE.2 hard drive for use in laptops and other computing devices deployed by federal agencies and contractors.
The NSA is the cryptologic intelligence arm of the U.S. government.
With the qualification, Seagate becomes the first hard drive maker to have received the agency’s nod of approval, which signifies that the drive meets national security standards for securing sensitive information.
“The qualification bears undeniable witness to the tremendous strength of the Seagate Secure portfolio of self-encrypting disk drives in protecting sensitive information for government, private enterprises and consumers alike,” Tom Major, vice president of Seagate’s personal storage business unit said in a statement.
Laptop security and data protection are top issues for both government and public companies as threats to mobile data have increasingly become a concern. Mobile devices are the most often-cited cause of data breaches, according to a 2007 study of U.S. organizations by the Ponemon Institute, with almost half of the thefts having been tied to missing or lost devices.
One of the most infamous incidents happened two years ago when the Department of Veterans Affairs disclosed that around 26.5 million veterans were at risk of identity theft due to a missing laptop.
Not surprisingly, as threats mount and the costs of encryption technology decline, encrypted hard drives and hard drive enclosures are gaining favor. Already, a number of vendors are marketing models that can protects data at the drive level — useful even once a device goes missing.
“The use of encryption is driven now more than ever by the need to mitigate the consequences of a potential data breach,” Ponemon reported in a new study this year. That study found that 71 percent of its survey respondents rated potential breaches as the top reason for deploying encryption, up from 66 percent in 2007.
That’s one of the impetuses behind Seagate’s Momentus 5400 FDE.2 self-encrypting laptop PC hard drive, which relies on automated, hardware-based, full-disk encryption.
The 5400 FDE.2 uses Advanced Encryption Standard (AES) to encrypt data. The National Institute of Standards and Technology, the federal agency focused on promoting product innovation by establishing technical standards, certified AES last year.
Authentication to the drive and host laptop requires a password and is done pre-boot. Coupled with its full-disk encryption, the idea is that an unauthenticated disk can’t be forcibly removed from a notebook or datacenter and be accessible to would-be data thieves.
Similarly, drives like the Momentus, which use an encryption key on the disk, are often also marketed as being so secure that they can make the task of repurposing or erasing old drives far easier for IT staff.
Rather than having to securely reformat drives to ensure old data is irretrievable, an encrypted disk like the 5400 FDE.2 can be rendered unreadable by simply deleting its encryption key.
With third-party encryption key management software, other forms of authentication such as biometrics and smart cards can be added to the 5400 FDE.2 for two- and three-factor authentication, according to Seagate.