Collapse & Return to Top
Whether it is sensitive customer information, intellectual property or proprietary data that helps a company reach its strategic objectives, a company's data may be its most valuable asset. If this data is misplaced or stolen, organizations run the risk of lost revenue, legal implications, and a tarnished reputation. The unfortunate truth is that an organization's data is becoming increasingly vulnerable as lost, accidentally exposed or breached data is becoming more and more commonplace in today's environment. With data security risks on the rise, an influx of government mandates and regulations for securing data have been implemented and is becoming part of the corporate landscape for many. Eliminating exposure of private data is now simply viewed as a sound business practice.
To avoid the high costs associated with data exposures such as these, organizations must put in place a comprehensive security strategy. While each point in the storage infrastructure provides unique threat models, data-at-rest presents one of the highest security vulnerabilities. Data spends most of its life at rest on drives within the data center. As these drives will eventually leave the data center either for repair, retirement, relocation or maintenance, it is at this time that drives - and the data contained on these drives - are most vulnerable to being lost or stolen.
The emergence of self-encrypting drives is timely in mitigating the security vulnerabilities of data-at-rest. Self-encrypting drives that adhere to the TCG (Trusted Computing Group) Enterprise Security Subsystem Class specification are National Security Agency qualified and provide unparalleled security with government-grade encryption. With SEDs, if a drive is removed from its storage system or the server it is housed in, the data on that drive is encrypted and useless to anyone who attempts to access it without the appropriate security authorization. Many safe harbor laws protect organizations that store data in compliance with security encryption requirements. In fact, in many cases, an organization will not have to notify a customer of lost data if that data was stored on secured self-encrypting drives.