The next step in data security: Toshiba drives wipe themselves

Self-encrypting drives can detect when they are connected to the wrong host and automatically erase sensitive data

How do you protect sensitive corporate data stored on stolen laptops or multifunction printer drives? While Dell, HP, and other companies offer technologies and services that can wipe laptop hard drives remotely, they apply only if the drives are still in the original device. But for drives that have been removed and connected elsewhere, Toshiba has come up with a technology to address that very issue: self-encrypting drives (SEDs) that can be configured to automatically perform a second-generation data wipe when connected to an unknown host.

Data stored on Toshiba's SEDs are typically encrypted using a 256-bit AES algorithm. At power on, the host device and the drive perform a mutual authentication process. If the authentication fails, the drive can be configured to wipe designated sensitive data via crypto erase, a process that destroys the encryption keys stored on the drive, rendering the data useless.  

Toshiba is targeting the new drives to laptops, copiers, multifunction printers, and point-of-sale systems in government, financial, medical, or other environments that need to address stringent compliance issues for protecting sensitive information. Printers, multifunction devices, and copiers have long been security concerns, as the drives used to store data are nearly identical to those used to store data on PCs. Physical theft of the drives can expose a lot of recently printed sensitive information.

The new MKxx61GSYG SED models are based on the Trusted Computing Group "Opal" specification and range in capacity from 160GB to 640GB. They join Toshiba's existing line of self-encrypting drives and can be configured for several different data invalidation options, such as wiping data on command, at every power cycle, or after a certain number of failed user unlock attempts. They can also be set up to wipe specific data ranges to suit a variety of data security requirements. Volume production of the new drives is expected to take place in the second quarter of this year.

This story, "The next step in data security: Toshiba drives wipe themselves," was originally published at Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest business technology news, follow on Twitter.

Copyright © 2011 IDG Communications, Inc.

How to choose a low-code development platform