Vendors take giant leap with drive encryption

Vendors take giant leap with drive encryption

Rival companies deliver strong, secure drives that don't skimp on performance

The Embassy suite also offers a feature for centralized, remote administration (though this was not activated on my system). This feature warrants consideration for organizations where many users need laptops with full-drive encryption.

After being spoiled by the broad set of features of the Embassy suite, I had only the streamlined BIOS screens to get the encryption going on the Hitachi drive. That works to switch the drive security on and off, but you can't activate other options from the BIOS screen, such as quickly erasing the content by destroying the key -- despite the fact that the drive firmware has that capability.

With encryption activated, my laptops stopped at boot time with a prompt to enter a password. Appropriately both drives limit the number of wrong password attempts. In fact, after more than three incorrect passwords, the Travelstar automatically turned off. The Momentus is a bit more lenient toward forgetful users; they will have to power cycle the machine after five failed attempts.

Obviously, your password should not be easy to guess. Appropriately, using the Embassy Security Center, you can set the system to enforce strong user passwords, flexibility that's missing if you set the password via BIOS.

Moving the two drives to a different system also proved to be a dead end for a potential hacker. Windows did not even recognize the drives and couldn't access the file system on them. Trying to get to the drives' content from a Linux machine proved equally unsuccessful.

Swift and secure

Although, I ran my tests on similar machines, the drives' different capacities and rotation speeds make a direct performance comparison moot. Nobody should be surprised to learn that the Hitachi drive performed consistently faster.

Regardless, what's more important is how much, if at all, encryption affects performance and what impact encryption-capable drives have when it comes to managing laptops.

To that effect, the Wave Systems security is a terrific help in managing encryption on the Seagate Momentus FDE.2, adding not only simplified management but access to some of the drive's otherwise inaccessible features, such as crypto-erasure and strong-password enforcement.

Managing encryption from the laptop BIOS is doable and grants data protection, but if you have more than just a few laptops to babysit, the management suite from Wave Systems can make life much easier.

Perhaps the most important outcome of my evaluation is that after activating encryption, I did not notice any slowdowns on either drive. Moreover, running the same benchmarks on both drives with and without encryption, I saw no significant differences in terms of performance. This confirmed my impression that neither drive had lost responsiveness; both drives passed the performance tests with reasonable marks.

This is probably the most significant advantage that built-in hardware encryption has over software-based alternatives, and it should remove any excuse for not encrypting sensitive data on laptops.

According to ASI Computer Technologies, adding encryption increased the cost of the laptop by US$100, less than 6 percent. Hitachi is not talking price at the moment but I would be very surprised if the additional cost for an encrypted drive would be much different.

With that in mind, getting a laptop with full-drive encryption should be a no-brainer. A handful of dollars is a small premium for insurance against possibly disruptive damage. Easy management such as what the Embassy suite offers will add to that priceless peace of mind.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.


Show Comments