Industry Group Releases Self-Encrypting Hard Drive Standards

By Matthew Harwood

Hard-drive vendors now have three new encryption standards to adhere to as they manufacture their products to help eliminate data breaches.

The Trusted Computing Group, a nonprofit organization that develops open standards for vendors, says its Opal standards act as a blueprint for developing self-encrypting hard drives that protect stored data.

According to the Privacy Rights Clearinghouse estimates, 251,154,519 records have been lost or stolen in the U.S. alone since January 2005.

“Lost and stolen data costs industry and consumers hundreds of millions of dollars, not to mention loss of credibility, legal
issues and lost productivity," said Robert Thibadeau, the chair of the Trusted Computing Group Storage Work Group. "TCG’s approach to Trusted Storage gives vendors and users a transparent way to fully encrypt data in hardware without affecting performance so that data is safe no matter what happens to the drive.”

Wave Systems Corp., a trusted computing solutions provider, praised the standards as identity theft rates rise and states pass new regulations to protect consumer data.

The use of encryption is growing rapidly in response to the escalating number of data breaches reported nationwide. The Identity Theft Resource Center recently reported a 47 percent increase in the number of data breaches in 2008 compared with the previous year; and identity theft is now the fastest growing crime in the nation, according to the U.S. Department of Justice. Recently, Massachusetts and Nevada passed tough new data protection laws for businesses mandating encryption of all personal information stored on laptops.

"For businesses worried about protecting confidential data: employee social security numbers; customer credit card numbers; patient medical records; trade secrets – it only makes sense that hardware FDE drives are included every time you buy a new PC," said Steven Sprague, Wave‘s CEO and president. "You wouldn‘t think of buying a car without air bags; don‘t buy a new PC without an FDE drive. There‘s never a question of whether encryption is on—it‘s a ‗set it and forget it‘ solution." reports that industry support for the new standards is strong. Some vendors, such as Seagate, are already selling encrypted drives based off the proposed standard.

You can view the new Opal standards here.



View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.