In my last post, “Is Data in the Cloud Safe?” I talked about how few cloud service providers encrypt data at rest and how this impacts the security of your cloud data – especially when drives are retired. This post discusses a fast, easy way to enable secure cloud computing by using Self-Encrypting Drives to protect data at rest.
Nearly all drives are eventually retired.
Seagate estimates that 50,000 drives are retired from data centers and cloud providers daily. Sensitive data resides on such drives, and when most leave, the data they contain is still readable. When hard drives are retired, they move outside the control of cloud service providers – adding to the security risk. Just as in the data center, cloud providers routinely retire drives for a variety of reasons, including:
- Returning drives for warranty, repair or expired lease agreements
- Removal and disposal of drives
- Re-purposing drives for other storage duties
Self-Encrypting Drives Address Data at Rest Security Concerns and Enable Cloud Adoption
Self-Encrypting Drives like the Seagate Pulsar, Savvio, Cheetah, and Constellation products (for servers and storage systems)
automatically encrypt and decrypt data as it is written to the drive. When it is time to re-purpose or retire the device, cloud providers can simply delete the password and “Poof” all data on the drive is rendered unintelligible – in less than a second (whether the drive is 500GB or 3T!)
Seagate calls this Instant Secure Erase, and it’s included in every enterprise Self-Encrypting Drive – including both hard disk drives and solid state drives. What’s more, there is no performance impact, because the encryption is all done in hardware.