April 13, 2011, 3:05 PM — Toshiba on Wednesday unveiled its first family of self-encrypting hard disk drives (HDDs) that can also erase data when connected to an unknown host.
The new Toshiba Self-Encrypting Drives (SED) (models MKxx61GSYG) enable system manufacturers to configure different data invalidation options that align with various end-user scenarios.
The new 2.5-in, 7,200 rpm drives are targeted for use in PCs, copiers and multi-function printers, along with point-of-sale systems used in government, financial, medical, or similar environments that need to protect sensitive information.
The drives come in capacities ranging from 160GB to 640GB, have 16MB of buffer memory, and use the serial ATA (SATA) 2.0 specification, which affords up to 3Gbit/sec throughput.
When initially powered up, Toshiba's new SED HDDs and their host perform an authentication process. If the authentication fails, the drive can be configured either to simply deny access or to perform a cryptographic erase on specified blocks of data. Cryptographic erase is the process by which the keys that allow a system to decrypt data are deleted, leaving the data permanently encrypted and unreadable.
The new HDDs use the AES 256-bit encryption algorithm to protect data at rest, and a proprietary data wipe technology that's enabled by the Opal Storage Specification from the Trusted Computing Group. The Opal Storage Specification allows the creation of authentication policies so that devices can determine trusted platform hosts.
"Digital systems vendors recognize the need to help their customers protect sensitive data from leakage or theft. Toshiba's security technologies provide designers of copiers, printers, PCs, and other systems with new capabilities to help address these important security concerns," said Scott Wright, a product manager in Toshiba's Storage Device Division, in a statement.
Toshiba's data invalidation attributes can be set for multiple data ranges, enabling targeted data in the drive to be rendered indecipherable by command, on power cycle, or on host authentication error, which Toshiba described as "an industry first."
"This flexibility provides systems designers with a powerful set of data security options that can be easily incorporated into existing system architecture," the company stated.
Customer sampling and volume production of the new SEDs will begin in the second quarter, focused on designated system manufacturers and independent software vendors so they can integrate the latest data wipe technology features.
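To make the cryptographic erase and the per-range invalidation triggers described above concrete, here is an added example (not Toshiba's firmware or the Opal command set): a toy Python model in which each data range has its own key and its own erase policy. The shared-secret host check, the SHAKE-256 keystream standing in for the drive's AES-256, and all names are assumptions made for the illustration.

```python
import hashlib, hmac, os

def xor_stream(key: bytes, lba: int, data: bytes) -> bytes:
    """Stand-in cipher (SHAKE-256 keystream); the real drive uses AES-256 in hardware."""
    stream = hashlib.shake_256(key + lba.to_bytes(8, "big")).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

class ModelSED:  # toy model: one media key per range, each range with its own erase triggers
    def __init__(self, host_secret: bytes, policies: dict):
        self._host_digest = hashlib.sha256(host_secret).digest()
        self.policies = policies                      # range name -> set of trigger events
        self.keys = {name: os.urandom(32) for name in policies}
        self.media = {name: {} for name in policies}  # ciphertext only, as stored on disk
        self.unlocked = False

    def crypto_erase(self, name: str) -> None:
        # The old key is discarded; the ciphertext stays in place but can no longer be decrypted.
        self.keys[name] = os.urandom(32)

    def _invalidate(self, event: str) -> None:
        for name in [n for n, triggers in self.policies.items() if event in triggers]:
            self.crypto_erase(name)

    def power_up(self, presented: bytes) -> bool:
        self._invalidate("power_cycle")
        self.unlocked = hmac.compare_digest(hashlib.sha256(presented).digest(), self._host_digest)
        if not self.unlocked:
            self._invalidate("auth_error")
        return self.unlocked

    def write(self, name: str, lba: int, data: bytes) -> None:
        if not self.unlocked:
            raise PermissionError("drive locked")
        self.media[name][lba] = xor_stream(self.keys[name], lba, data)

    def read(self, name: str, lba: int) -> bytes:
        if not self.unlocked:
            raise PermissionError("drive locked")
        return xor_stream(self.keys[name], lba, self.media[name][lba])

def demo() -> dict:
    # Constructed scenario: range names, secrets and policies are made up for illustration.
    drive = ModelSED(b"trusted-host", {"os": set(), "scans": {"auth_error"}, "spool": {"power_cycle"}})
    drive.power_up(b"trusted-host")
    for name in drive.policies:
        drive.write(name, 0, b"record-" + name.encode())
    drive.power_up(b"unknown-host")   # drive moved to an unknown host: authentication fails
    drive.power_up(b"trusted-host")   # drive returned to its own host
    return {name: drive.read(name, 0) for name in drive.policies}
```

In `demo()`, only the `os` range, which has no erase trigger, still decrypts to its original contents after the drive has been powered up on the unknown host and returned; the other two ranges read back as noise.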