Toshiba Corporation has started sampling the world’s first series of Self-Encrypting Drives (SED) equipped with features to “wipe” protected data from the disk if the disk drive is removed from the host platform.
Wipe Technology allows users to determine a range of security settings, including invalidation of encryption keys and data invalidation when a drive is removed from its housing or connected to an unauthorized host system.
As a successor to the MKxx61GSYD series, the 2.5 inch MKxx61GSYG range starts with the MK1661GSYG, a 160 gigabytes (GB) 7,200rpm SATA3 drive, and contains five models up to the 640GB MK6461GSYG. Using government-grade AES-256 encryption these SEDs offer a range of security features including:
- Invalidation of all data by the system – This invalidates all data. This feature is designed for use prior to system disposal or re-purposing to ensure that private data never leaves the control of the responsible business unit or the IT department.
- Invalidation of data on powering down – The HDD encryption key is automatically invalidated when the drive’s power supply is turned off. If a Wipe Technology SED drive is removed from a system, it can be set to invalidate all data on the drive.
- Invalidation of data when the equipment is connected to an unauthorized system – When an SED HDD is inserted into a system it triggers “challenge response”authentication to confirm the system is known to the HDD. If the authentication fails, the HDD automatically deletes the encryption key. This level counteracts attempts to read a drive by physically removing it from a secure host system and installing it in another system.
The Toshiba AES-256 encryption algorithm implementation is certified by the US National Institute of Standards and Technology (NIST) through its Cryptographic Algorithm Validation Program (CAVP).