Sign in with
Sign up | Sign in

Seagate Self-Encrypting HDD Now Gov't Certified

By - Source: Tom's Hardware US | B 14 comments

Seagate's Momentus Self-Encrypting Drive received FIPS 140-2 certification.

Tuesday Seagate announced that its Momentus Self-Encrypting Drive (SED)--the world's first laptop HDD with built-in encryption--has secured FIPS 140-2 certification from the U.S. National Institute of Standards and Technology (NIST).

In short, it's a 2.5-inch SED that even the government can rely on. In fact, Seagate's Momentus will be deployed by all U.S. and Canadian federal agencies, state and local governments, and regulated industries required to use FIPS-certified gear.

"Today’s NIST approval gives our system builder and end-user customers the peace of mind that Momentus Self-Encrypting Drives deliver the full power of government-grade security," said Dave Mosley, executive vice president of Sales, Marketing and Product Line Management at Seagate.

According to Seagate, the drive's embedded AES encryption chip automatically and transparently encrypts all drive data, not just selected files or partitions. IT administrators can instantly erase all data cryptographically for quick drive redeployment.

Additionally, the Momentus SED eliminates disk initialization and configuration required by encryption software. It even keeps all security keys and cryptographic operations within the drive, separating them from the operating system to provide greater protection against hacking and tampering.

Momentus SEDs with FIPS support are available in 250 GB and 500 GB capacities. To learn more about the entire Momentus range, head here.

Display 14 Comments.
This thread is closed for comments
  • 7 Hide
    sabot00 , September 15, 2010 12:16 AM
    It'll get hacked.
  • 3 Hide
    mark0718 , September 15, 2010 12:35 AM
    Can you make an image (encrypted, of course), of the drive
    without having the key? If not, how do you get your secretary or IT guy
    to make a backup of the system?

    Yes, the encrypted backup would have to include all of the data blocks
    on the disk, which makes backups take longer and take more space,
    but that is a good tradeoff for security in many cases.
  • 0 Hide
    Darkk , September 15, 2010 2:54 AM
    I personally use TrueCrypt to completely encrypt the hard drive. Nice about it is that I can select what cyper to use and it's completely transparent to the OS with little overhead. Also use to encrypt my flash drives and external hard drives.

    Recovery is easy. During creation it'll create a recovery CD with the original headers so if it ever gets damaged or lose the password long as you know the original password you can recover the data. Just have to keep the CD in a safe place...still requires a password to use the CD.

    Slick stuff.

    Darkk


  • 1 Hide
    randomizer , September 15, 2010 4:01 AM
    Wait, the key is stored on the drive protected only by physical barriers? Oh man. No wonder it only achieved Level 2 certification (there are 4 levels).
  • 0 Hide
    theoutbound , September 15, 2010 4:06 AM
    randomizerWait, the key is stored on the drive protected only by physical barriers? Oh man. No wonder it only achieved Level 2 certification (there are 4 levels).

    Agreed. It's impressive technology, but if anyone really wants the data and has physical access to the drive they will still get it.
  • 0 Hide
    dEAne , September 15, 2010 5:04 AM
    It should be standards to everyone.
  • 1 Hide
    randomizer , September 15, 2010 5:12 AM
    theoutboundAgreed. It's impressive technology, but if anyone really wants the data and has physical access to the drive they will still get it.

    If the drive had Level 3 or 4 certification it would have to erase all plain text cryptographic keys upon opening of the drive. It wouldn't be so much of an issue if that was the case here. But this drive won't do that.
  • -2 Hide
    h0b096 , September 15, 2010 6:29 AM
    W00T!!!!! encrypted pornography for everyone
  • 0 Hide
    back_by_demand , September 15, 2010 6:46 AM
    mark0718Can you make an image (encrypted, of course), of the drivewithout having the key? If not, how do you get your secretary or IT guyto make a backup of the system?

    Most company systems will sync up to a profile which is stored on the company servers. The local hard drive could get trashed and a new drive put in and the profile syncs up again.
  • -4 Hide
    digitalgriffin , September 15, 2010 2:37 PM
    >FIPS 140-2 certification from the U.S.
    >National Institute of Standards and Technology (NIST).

    Isn't that like gov't saying, "Here is a lock for the chicken house that we designed for you. Don't worry. We won't ever use the key we designed to access it"
  • 0 Hide
    kikireeki , September 15, 2010 4:03 PM
    I hope it is not another CC-fly!!
  • 0 Hide
    maestintaolius , September 15, 2010 4:11 PM
    digitalgriffin>FIPS 140-2 certification from the U.S. >National Institute of Standards and Technology (NIST).Isn't that like gov't saying, "Here is a lock for the chicken house that we designed for you. Don't worry. We won't ever use the key we designed to access it"

    Not really, it's just a set standards just like any other set of standards (and pretty generally defined when you read the document) whether it's from UL, IEEE or any other of the bajillion standards agencies (private, public and gov't) that are out there. Put away the tinfoil hat, roads and hard hats have gov't standards too and it's hardly an evil gov't plot to steal your dvd collection.
  • 0 Hide
    digitalgriffin , September 15, 2010 6:49 PM
    Well it seems to be an overriding conflict of intrest maestintaolius.

    Did you know the largest single contributor to anonymizer is the US government? When you make the US gov't the keepers to our secrets, who watches the keepers?
  • 0 Hide
    eddieroolz , September 15, 2010 8:16 PM
    Nothing is hackproof, but at least this will enhance security on an otherwise unsecured device.