How Seagate Technology approaches enterprise data security

Data is at the heart of every business, with data security and integrity now more important than ever before. Maintaining data integrity starts with ensuring that data is secure and cannot, has not been tampered with.
 
According to Bob Yang, Regional VP of APAC Sales at Seagate Technology, security analysts recommend a complete range of protective solutions that includes both software and hardware-based encryption to ensure data security. Relying on one or the other — either a software solution or hardware solution for data security — makes meeting end-to-end data security needs more difficult. He added IT managers and company management teams must recognize data security began long before the company purchased its infrastructure equipment and software and put it into use.
 

Based on IDC’s Data Age 2025 report, the hard drive industry will supply nearly 59 percent of data storage capacity through 2025. As a hard drive manufacturer, Seagate addressed data security needs in its hard drives by embedding security “throughout the product lifecycle, from the conceptual phase of design to final retirement or reuse,” Yang said.
 
The Seagate Secure storage solution was one way to give organizations “greater control of their data security,” Yang said. The Seagate Secure includes self-encrypting hard drives with features like secure download and diagnostics and Instant Secure Erase to keep data secure.
 
These features all aim to keep data secure even if the hard drive is lost or stolen. For example, the self-encrypting drives (SEDs) encrypt all data as it enters the drive, using an encryption key stored securely on the drive itself. The drive is encrypted at rest by default. If the drive needs to be retired or repurposed, the drive owner only needs to send the command to the SED to perform an instant secure erase (ISE). “The ISE uses the SED’s cryptographic erase capability to change the data encryption key. The data becomes unreadable and cannot be recovered,” he added.
 
To further ensure the security of the hard drive, the secure diagnosis and download (SD&D) feature prevents unauthorized access to a drive’s firmware. It also blocks tampering with firmware executables and sensitive system-level data. Yang stressed that since a drive’s firmware was impossible for antivirus programs to scan. “It is crucial for organizations to not overlook securing this element.” Additionally, SD&D also employs forensic logging to trace unauthorized attempts to load or manipulate firmware.
 
Yang also emphasized the need for organizations to “go beyond” protecting its systems and networks. He noted that tougher standards like the General Data Protection Regulation (GDPR) are placing a greater emphasis on data accountability. Not only that, but it requires companies to truly understand, report, manage and protect the data they store. As such, it is important that organizations add additional layers of security to its data to meet these requirements.
 
One way that Seagate has done this with its hard drives is through additional certifications. Its hard drives can be configured to Federal Information Processing Standards (FIPS) 140-2 Level 2 certification; Trade Agreement Act (TAA) compliant; and Common Criteria accreditation. These different certifications can be added to its hard drives to meet different regulatory requirements.