Seagate Self-Encrypting HDD Now Gov't Certified

By Kevin Parrish
published

Seagate's Momentus Self-Encrypting Drive received FIPS 140-2 certification.

Tuesday Seagate announced that its Momentus Self-Encrypting Drive (SED)--the world's first laptop HDD with built-in encryption--has secured FIPS 140-2 certification from the U.S. National Institute of Standards and Technology (NIST).

In short, it's a 2.5-inch SED that even the government can rely on. In fact, Seagate's Momentus will be deployed by all U.S. and Canadian federal agencies, state and local governments, and regulated industries required to use FIPS-certified gear.

"Today’s NIST approval gives our system builder and end-user customers the peace of mind that Momentus Self-Encrypting Drives deliver the full power of government-grade security," said Dave Mosley, executive vice president of Sales, Marketing and Product Line Management at Seagate.

According to Seagate, the drive's embedded AES encryption chip automatically and transparently encrypts all drive data, not just selected files or partitions. IT administrators can instantly erase all data cryptographically for quick drive redeployment.

Additionally, the Momentus SED eliminates disk initialization and configuration required by encryption software. It even keeps all security keys and cryptographic operations within the drive, separating them from the operating system to provide greater protection against hacking and tampering.

Momentus SEDs with FIPS support are available in 250 GB and 500 GB capacities. To learn more about the entire Momentus range, head here.

Kevin Parrish
14 Comments Comment from the forums
  • sabot00
    It'll get hacked.
    Reply
  • mark0718
    Can you make an image (encrypted, of course), of the drive
    without having the key? If not, how do you get your secretary or IT guy
    to make a backup of the system?

    Yes, the encrypted backup would have to include all of the data blocks
    on the disk, which makes backups take longer and take more space,
    but that is a good tradeoff for security in many cases.
    Reply
  • Darkk
    I personally use TrueCrypt to completely encrypt the hard drive. Nice about it is that I can select what cyper to use and it's completely transparent to the OS with little overhead. Also use to encrypt my flash drives and external hard drives.

    Recovery is easy. During creation it'll create a recovery CD with the original headers so if it ever gets damaged or lose the password long as you know the original password you can recover the data. Just have to keep the CD in a safe place...still requires a password to use the CD.

    Slick stuff.

    Darkk


    Reply
  • randomizer
    Wait, the key is stored on the drive protected only by physical barriers? Oh man. No wonder it only achieved Level 2 certification (there are 4 levels).
    Reply
  • theoutbound
    randomizerWait, the key is stored on the drive protected only by physical barriers? Oh man. No wonder it only achieved Level 2 certification (there are 4 levels).Agreed. It's impressive technology, but if anyone really wants the data and has physical access to the drive they will still get it.
    Reply
  • dEAne
    It should be standards to everyone.
    Reply
  • randomizer
    theoutboundAgreed. It's impressive technology, but if anyone really wants the data and has physical access to the drive they will still get it.If the drive had Level 3 or 4 certification it would have to erase all plain text cryptographic keys upon opening of the drive. It wouldn't be so much of an issue if that was the case here. But this drive won't do that.
    Reply
  • h0b096
    W00T!!!!! encrypted pornography for everyone
    Reply
  • back_by_demand
    mark0718Can you make an image (encrypted, of course), of the drivewithout having the key? If not, how do you get your secretary or IT guyto make a backup of the system?Most company systems will sync up to a profile which is stored on the company servers. The local hard drive could get trashed and a new drive put in and the profile syncs up again.
    Reply
  • digitalgriffin
    >FIPS 140-2 certification from the U.S.
    >National Institute of Standards and Technology (NIST).

    Isn't that like gov't saying, "Here is a lock for the chicken house that we designed for you. Don't worry. We won't ever use the key we designed to access it"
    Reply