Self-Encrypting Drives Part II
Self-Encrypting Drives: Security for Every System
What's this
Encryption involves some very compute-intensive algorithmic scrambling of all data within the file, folder, or volume selected by the user. This encryption (and subsequent decryption) can be performed by either the CPU through software applications, such as Microsoft BitLocker and the open source TrueCrypt, or by a dedicated cryptographic engine built into a chip mounted on the storage drive’s circuit board. Seagate launched the Momentus FDE 2.5” hard drive with this latter approach. In some respects, the Momentus FDE should have taken the market by storm, but, being a first-gen product, it came with a predictable price premium, mostly because of the necessary cryptographic ASIC. Additionally, issues with a lack of BIOS support from some motherboard manufacturers prevented the drive from functioning as advertised on a wide variety of platforms. Not least of all, IT staff that could get the drives to work faced challenges with complex management because third-party software developer support remained in its infancy.
These issues have gradually receded, but some memories and preconceptions die hard. It’s taken nearly a decade for SEDs to approach a tipping point, but that moment seems to have arrived. Seagate, Samsung, Hitachi GST, and Western Digital all produce SEDs today, and self-encrypting support in solid state drives (SSDs) is quickly becoming universal. Compatibility issues have vanished, and SED retail prices are now at near-parity with non-encrypting models. (In the enterprise market, Seagate has erased the price difference altogether.) Perhaps most significantly, Microsoft’s Windows 8 is the first operating system to offer native SED management support.

Every legitimate objection to SEDs seems to have evaporated. A Microsoft-backed report by Coughlin Associates, “Self-Encrypting Drive Market & Technology Report,” noted in August 2011 that by 2013 “SED capability will be in over 80% of SSDs and likely in almost all SSDs [by 2014].” Additionally, “it is likely that by about 2017 all HDDs will shift to SED capable units.”
The time to better understand drive security and be ready to switch over to SEDs is now, so let’s dig into the details and make sure you’re armed with the information you’ll need.
Every legitimate objection to SEDs seems to have evaporated. A Microsoft-backed report by Coughlin Associates, “Self-Encrypting Drive Market & Technology Report,” noted in August 2011 that by 2013 “SED capability will be in over 80% of SSDs and likely in almost all SSDs [by 2014].” Additionally, “it is likely that by about 2017 all HDDs will shift to SED capable units.”
The time to better understand drive security and be ready to switch over to SEDs is now, so let’s dig into the details and make sure you’re armed with the information you’ll need.