An ongoing nightmare for IT managers is the loss of a notebook or laptop computer. The worst part of the loss isn't usually the cost of the notebook; it's the potential value of the data contained within. And in the case of the notebook of a senior manager or C-level executive, the potential repercussions of a lost or stolen notebook could be quite significant.
Using the Windows OS's built-in encryption to protect notebook and laptop data provides some security. To provide additional security--for example, to protect extremely valuable data--IT pros could use any of a number of third-party products that lock up areas of a user's hard drive as a secure storage vault and can be accessed only by using the correct passwords and Windows passwords. The problem with such solutions, though, tends to be that users often circumvent the security by copying that data elsewhere on their hard disk, or, unknowingly, in a cache that is in an unsecure section of the hard drive. Such actions nullify all the security precaution; they make the formerly secured data unsecured again because it's outside the explicitly protected storage areas.
Seagate Technology recently made a significant contribution to preventing this security problem when it announced its Momentus 2.5-inch notebook disk drives. The Momentus drives are interesting from a technology perspective in that they're the first product to use perpendicular recording, a technique that stands data bits on the end on the storage platter--thereby increasing disk density--as opposed to the flat-to-the-surface technique of standard hard disk technology.
But more important than the capacity improvements is that the Momentus drives introduce Seagate's hardware-based Full Disk Encryption (FDE) technology. FDE uses hardware encryption, keeping all cryptographic operations on the drive so they're invisible to the OS. A user need only enter his or her key to make the drive data available for use. Hardware encryption means that no software exists for hackers to attempt to crack to access data on the drive and users don't need to remember what directories to place data in or additional passwords for those files and directories. This security is part of Seagate's suite of on-drive security features, which fall under the umbrella name of DriveTrust Technology, and also includes key-management and recovery available as enterprise software solutions.
Because users have to do only a minimal amount of action to access the drive, Seagate's FDE technology, unlike other encryption methods, won't prevent users from getting their work done. Furthermore, the blanket protection that FDE provides all data on a protected drive means that users don't have to do anything to keep that data safe. From the IT perspective, the technology minimizes the exposure to data that needs to physically leave the corporate environment. An additional IT benefit is that no special initialization is needed to use the security nor any special software to format or wipe any drive. This means that hardware redeployment is significantly easier than when using a software-based drive-encryption technology.
You can find more detailed information about the Momentus FDE products at http://www.seagate.com/content/docs/pdf/marketing/PO-Momentus-FDE.pdf.
