Hitachi ships Travelstar 7K200 encrypted hard drive
Please, please, please say I didn't hit 'Quick Erase'...
Hitachi Global Storage Technologies has begun volume shipment of the Travelstar 7K200, a high-capacity, high-performance laptop hard drive with new optional data encryption technology. The new drive features up to 200GB capacity, a 22 per cent overall performance improvement over its predecessor, and improved shock tolerance, among other technical improvements. The 7200RPM Travelstar 7K200 has power consumption, heat emission, and acoustics comparable to its 5400RPM counterparts and features a Serial ATA 1.5GBps, 1.5GBps encrypted, or 3GBps interface.
Optional Bulk Data Encryption technology provides information security as data is scrambled with a key as it is being written to the disk and then descrambled with the key as it is retrieved. The Travelstar 7K200 is available immediately on Dell XPS laptops and on Alienware laptops. Customers requiring the highest capacity will be able to purchase dual hard-drive configurations with 400GB of available storage on the XPS M2010 and Aurora m9700 models.
This announcement is the awaited follow-up to last November's initial announcement of the 7K200. While there are several technical enhancements evident in the hard drive, we believe there are two areas in which this drive hits the target especially well. First is its impact on system resources, especially power and acoustics, which is similar to existing 5400RPM solutions. Second is its hardware-based AES data encryption. Both of these are important considerations for commercial users, especially with today's increasingly mandated data security practices.
By offering increased performance and capacity, these drives are well suited for mobile professionals who often find themselves operating on battery power for extended periods of time. Although the improved performance of the 7200RPM drive will potentially allow users to complete their tasks more rapidly, in most scenarios this incremental improvement would be more than offset by shorter battery life due to increased power consumption by the drive.
Fortunately, this is not an issue for the 7K200 given its power consumption parity with existing 5400RPM drives. As vendors continue to raise the bar for the performance of their high-end laptops, battery technology has had a more difficult time keeping up with the demand while maintaining a workable form factor. It is encouraging to see that in this case improvements in storage performance will not substantially impact battery life.
The most interesting aspect of this announcement, however, is the availability of the optional hardware-based encryption. This native-to-the-drive approach to encryption offers advantages over software encryption, which is generally not well understood by the technical layperson.
Additionally, hardware-based approaches do not add a load on the CPU in order to execute the encryption and decryption. By having all encryption and decryption activities occur simply as part of the read or write activities to the drive, they can be largely invisible to the user, which can remove a large obstacle to an effective deployment.
While encryption of laptops may initially be thought of as a means to secure data in case of loss or theft, it can also prove advantageous to IT operations. From an operations perspective simply deleting the encryption key renders the hard drive unreadable and could save considerable time in repurposing equipment to new users. This capability is offered through the Quick Erase feature and we suspect will be a capability welcomed by IT managers and support personnel who are tasked with managing laptops and safeguarding sensitive information that may be stored within.
Overall, this announcement illustrates continued improvement in laptop hard-drive performance and capability along with an appreciation for energy efficiency that should make these drives a logical solution for most corporate laptop users. Hardware-based encryption for laptop hard drives is still new, but is gaining momentum in the marketplace as witnessed by this announcement and the Seagate announcement earlier this year.
The Quick Erase feature may in and of itself be a sufficient reason for many organizations to decide on encryption simply to reduce the time and expense involved in their laptop recycling or redeployment practices. Nevertheless, we believe the security and best practices afforded by their use in highly regulated industries is a no-brainer and expect to see such deployments grow.
Is this new? Is this PRnewswire?
Well yes, those questions asked already are good questions.
The ATA-3 spec included password-protected drives, and that was some considerable time ago. Password protected drives would seem to offer an opportunity to easily prevent unauthorised access to data, when sensibly implemented by an organisation with a clue. The spec also included a "master" password to cover the "I've forgotten my password" scenario. Very few people know about this capability, and/or very few products used it - but the recent outbreak of clueless organisations who have lost unprotected laptops may make it suddenly more interesting.
One vendor offering this capability, back in 1998, was Compaq, who called it DriveLock. A Compaq technical whitepaper on DriveLock can be found ftp://ftp.compaq.com/pub/supportinformation/papers/na118a0598.pdf
The HP Compaq nx6125 which I bought a couple of years ago has DriveLock; I don't know whether it's in today's HP range or whether other vendors offer similar functionality, but it seems like a fairly basic requirement for a business-class notebook in an organisation with a clue.
One might hope that a competent "industry analyst" article might provide this kind of historical and market background, but a vendor-sponsored pure-PR piece might not be expected to do so.
Great way to lose data forever
Imagine this: you drop the laptop and damage the motherboard, but the drive is OK.
You move the drive to another machine, but you can't read the drive because you don't have the AES key (it's in the BIOS of the dead machine) or the new machine doesn't support this kind of drive.
Bye-bye data. Not good.
I may be missing an important aspect here, and that is key management. That is, the encryption takes place on the drive, and the drive holds the key (I'm guessing) until told to forget it. So where does theft protection come in? If someone steals my laptop, can they read the drive unless they purposefully wipe it out? That's absurd.
Either this press release, er, hardware review is missing some important information (such as a password required at startup for the drive to correctly read its contents or other key management scheme), or this feature is, well, useless.
Will this become part of compnant hardware based DRM/CP?
Why haven't drives done this before?
Seems to me this should be a default option on pretty much any hard-drive - whether laptop or desktop. Let the bios enforce the password and the disk is automatically secure against casual theft (of course, if the No Such Agency and its friends want to know, they're going to be able to apply the necessary de-encryption effort anyway) and automatically becomes usable irrespective of OS - or even as shared areas between two OSs on the same machine.
Mind you, I'd like to see how the bios does the password/phrase.