 |
 |
Competitive Analysis Review Highlights Hardware Encryption Advantages over Traditional Software FDE Solutions
Trusted Strategies Evaluation Finds Significant Performance Advantages for Self-Encrypting Drives: New Report Available
Lee, MA, and Scotts Valley, CA — February 16, 2010 —Before selecting one of the leading software-based full disk encryption solutions, consider this: It could take up to 24 hours to configure, install and encrypt the contents of the hard drive. That's per user. Compare this to self-encrypting drives—where encryption is built into the drive itself. Each drive takes only a minute or two to configure.
These and other findings are detailed in the newly published review "FDE Performance Comparison: Hardware vs. Software Full Drive Encryption," by Trusted Strategies LLC, an advisory firm specializing in IT security based in Pleasanton, California. The complete report, sponsored by Seagate Technology (NASDAQ:STX) and Wave Systems (NASDAQ:WAVX), is available athttp://www.trustedstrategies.com/papers/comparing_hardware_and_software_fde.pdf.
In its research, Trusted Strategies ran tests on three leading software FDE solutions and one hardware FDE solution, Seagate self-encrypting hard drives, putting them through a battery of tests such as initialization, system backups, virus scanning and opening, reading and writing large 100MB+ files used with larger applications. Startup and application loading took appreciably longer on platforms running software encryption. The biggest performance difference came with specific tasks, such as virus scanning or copying large amounts of data where hardware-based encryption was 114 percent faster than the average software FDE solution and comparable to the performance of a standard, non-encrypting hard drive.
Other highlights of the report include:
- HARDWARE SPEEDS ENCRYPTION—Self-encrypting drives performed between 77 and 144 percent faster than the software FDE. File/write performance tests showed hardware encryption performed 43 percent faster than the average of the three software FDE solutions.
- Software FDE can take a full day to deploy and encrypt data—Installation and configurations for software can take from 12 to 25 minutes, but encrypting the data on a drive adds hours to the process. One software FDE solution took 23 hours and 46 minutes to complete the encryption on a 500 GB drive.
- Hardware provides stronger protection of keys—With self-encrypting drives, the encryption keys are created and always held in the protected hardware of the drive. Therefore, they are not exposed to memory and CPU attacks. In addition, the user authentication is done securely by the drive hardware.
- SOFTWARE FDE SOLUTIONS DON'T ALWAYS PROVIDE PROOF OF COMPLIANCE—A primary driver for laptop encryption is to achieve compliance with various data protection laws. While some software-based FDE solutions do a "reasonably good job" in reporting and central management, other software-based solutions can't prove that a specific laptop's disk was ever encrypted or that it is still being encrypted.
"Any type of full disk encryption is better than no encryption at all," noted Trusted Strategies' Bill Bosen, lead author of the review. "Software encryption is a good solution for continued use on legacy machines until the next purchase of laptops. Then it's a good idea to take advantage of the performance, security, and installation advantages of hardware-based protection. Self-encrypting drives, coupled with their powerful central management solutions are clearly the way of the future."
"The chief perennial drawbacks to deploying software encryption for laptop computers are its management complexity and its significant drag on system performance," said Dave Mosley, Seagate Executive Vice President, Sales, Marketing and Product Line Management. "Seagate continues to work closely with Wave Systems and other independent software vendors to deliver hardware-based laptop PC security that centralizes and simplifies the management of secure laptops, reduces related costs, preserves full system performance and, in the end, brings laptop security to a wider range of computer users."
"One of the most striking findings in the Trusted Strategies benchmark review was the significant differences in the time it took for Wave's preboot authentication to occur in the Seagate® drives vs. the software encryption pre-boot solutions," commented Lark Allen, Executive Vice President of Business Development for Wave Systems. "With Wave's pre-boot code on the self-encrypting drives, it added only two additional seconds to authenticate the user and unlock the drive. Software encryption preboot, on the other hand, added a significant amount of time — between 19 and 23 seconds. That's a real performance penalty every time a user unlocks their system."
About Seagate
Seagate is the worldwide leader in hard disk drives and storage solutions. Learn more at http://www.seagate.com.
About Wave Systems Corp.
Wave is a pioneer in hardware-based PC security that provides software to help solve critical enterprise PC security challenges such as data protection, strong authentication, network access control and the management of these enterprise functions. Wave is a founding member of the Trusted Computing Group (TCG), a consortium of more than 100 companies that forged open standards for hardware security. Wave’s EMBASSY® line of client- and server-side software leverages and manages the security functions of the TCG’s industry standard hardware security chip, the Trusted Platform Module (TPM) as well as hard drives that comply with TCG’s “Opal” self-encrypting drive (SED) standard. Self-encrypting drives are a growing segment of the data protection market, offering increased security and better performance than most existing software-based encryption solutions. TPMs are standard equipment on many enterprise-class PCs shipping today and have shipped on an estimated 300 million PCs worldwide. Using TPMs and/or SEDs and Wave software, enterprises can substantially and cost-effectively strengthen their current security solutions. Visit http://www.wave.com for more information.
Safe Harbor for Forward Looking Statements
This press release may contain forward-looking information within the meaning of the Private Securities Litigation Reform Act of 1995 and Section 21E of the Securities Exchange Act of 1934, as amended (the Exchange Act), including all statements that are not statements of historical fact regarding the intent, belief or current expectations of the company, its directors or its officers with respect to, among other things: (i) the company's financing plans; (ii) trends affecting the company's financial condition or results of operations; (iii) the company's growth strategy and operating strategy; and (iv) the declaration and payment of dividends. The words "may," "would," "will," "expect," "estimate," "anticipate," "believe," "intend" and similar expressions and variations thereof are intended to identify forward-looking statements. Investors are cautioned that any such forward-looking statements are not guarantees of future performance and involve risks and uncertainties, many of which are beyond the company's ability to control, and that actual results may differ materially from those projected in the forward-looking statements as a result of various factors. Wave assumes no duty to and does not undertake to update forward-looking statements.
When referring to drive capacity, one gigabyte, or GB, equals one billion bytes and one terabyte, or TB, equals one trillion bytes. Your computer’s operating system may use a different standard of measurement and report a lower capacity. In addition, some of the listed capacity is used for formatting and other functions, and thus will not be available for data storage. Seagate reserves the right to change, without notice, product offerings or specifications.
All brands are the property of their respective owners.
For more information please contact:
Seagate Media Contact: |