Seagate took a big step in the history of disk drives yesterday, although it may take a while for it to be seen as such.
Seagate announced the availability of a slew of self-encrypting drives (SEDs) for enterprise applications. Because these drives plug and play with secure TCG-standard controllers available from LSI and Intel, fully secure servers and storage systems can now be built as easily as any other system.
Chris Mellor at The Register grasped the implications, as did Joe Kovar at CRN.
Encryption is not new. What is new is that the building blocks are now in place for any system builder to make a fully secure, fully encrypted system. Seagate’s Teresa Worth says it well: “Strong enough for National Security, simple enough for the one-man IT shop.”
What does “fully secure” mean?
- Every byte of data stored on the system is encrypted as it is written, using government-grade 128-bit AES
- There is no performance impact; the drives are just as fast as their non-encrypting siblings
- Drives removed from the array cannot be accessed without the encryption password
- New controllers cannot access the drives without the encryption password
As a matter of fact, Seagate’s self-encrypting drive technology is so secure that it has been endorsed by the National Security Agency.
Instant Secure Erase
“Fully secure” also means that drives can be totally erased instantly by simply deleting the encryption password. That’s huge for businesses everywhere that currently retire tens of thousands of drives, many (most) of which still contain sensitive data.
Instant Secure Erase alone makes these secure systems worth adopting.
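The properties listed above (a pulled drive is unreadable without the password, and erasure is instant) can be seen in a small model, added here as an illustration and not taken from Seagate's firmware. It assumes the common SED design in which the password unwraps an internal media key; the class `ModelSED` and its methods are hypothetical, and an HMAC-SHA256 keystream stands in for the drive's hardware AES.

```python
import hashlib
import hmac
import os

def xor_stream(key: bytes, data: bytes) -> bytes:
    # Stand-in for the drive's hardware AES: HMAC-SHA256 keystream, model only.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

class ModelSED:
    """Hypothetical model of a self-encrypting drive (assumed key hierarchy)."""

    def __init__(self, password: bytes):
        self.salt = os.urandom(16)
        mek = os.urandom(32)  # media encryption key, generated inside the drive
        self.mek_check = hashlib.sha256(mek).digest()
        self.wrapped_mek = xor_stream(self._kek(password), mek)
        self.platters = b""   # only ciphertext is ever stored here

    def _kek(self, password: bytes) -> bytes:
        # Key-encryption key derived from the password.
        return hashlib.pbkdf2_hmac("sha256", password, self.salt, 10_000)

    def _unlock(self, password: bytes) -> bytes:
        if self.wrapped_mek is None:
            raise PermissionError("media key erased")
        mek = xor_stream(self._kek(password), self.wrapped_mek)
        if not hmac.compare_digest(hashlib.sha256(mek).digest(), self.mek_check):
            raise PermissionError("wrong password")
        return mek

    def write(self, password: bytes, data: bytes) -> None:
        self.platters = xor_stream(self._unlock(password), data)

    def read(self, password: bytes) -> bytes:
        return xor_stream(self._unlock(password), self.platters)

    def secure_erase(self) -> None:
        # Instant erase: destroy the key material, leave the ciphertext in place.
        self.wrapped_mek = None
        self.mek_check = None
```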
We’re at the cusp of a new era of secure servers and storage. Before long, most if not all business systems will be populated with self-encrypting disk drives. It may even be mandated.
Which system builders will grab hold of this opportunity and take the early lead in this space?

