facebook rss twitter

Toshiba's self-encrypting HDD uses US FIPS 140-2 security

by Mark Tyson on 25 March 2014, 15:30

Tags: Toshiba (TYO:6502)

Quick Link: HEXUS.net/qacchr

Add to My Vault: x

Please log in to view Printer Friendly Layout

Toshiba has announced its new self-encrypting MQ01ABUxxxBW series, a mobile-grade thin 7mm hard disk drive (HDD). This HHD's USP is that it has been validated to U.S. Federal Information Processing Standard 140-2 (FIPS 140-2), according to a Toshiba press release.

The HDD is made thin enough to be used inside most portable notebooks and Toshiba says that this is the first self-encrypting drive (SED) that has been validated to Level 2 of the FIPS 140-2 standard.

The company's SED models are all designed to the globally accepted Trusted Computing Group's industry-standard 'Opal' Security Sub-Classification. This particular drive series has been put through a cryptographic module validation test by the NIST to certify it to be used for government storage systems with security-sensitive data. The MQ01ABUxxxBW series provides tamper-evident labelling for additional security. The HDD also includes Toshiba's unique wipe technology which erases data when an HDD is accessed by an unregistered system.

The major benefit of SEDs is the platform's ability to perform encryption securely within the drive's hardware without the need of software-based encryption products. System performance is therefore improved as the need of performing software encryption as a background software task and any integration concerns are omitted.

The Toshiba SED's embedded encryption cannot be disabled, lowering risks of affecting the legal compliance of security practices due to end-user actions.

Model Name

Recording Capacity

Height

Interface

Suitable Application

Security

MQ01ABU050BW

500GB

7mm

SATA

Mobile PC, MFP, POS

Government use

SED (TCG-OPAL SSC)

Cryptographic-erase (Sanitize)

Wipe technology

FIPS 140-2 validated

MQ01ABU032BW

320GB

As well as the specs listed above Toshiba says the drives feature an 8MB buffer, disc rotation speeds of 5,400RPM and offer an average latency time of 5.56ms. Power consumption is a maximum 4.5W with a 1.5W typical consumption (read/write) and low power idle of 0.55W and standby of 0.18W.

The MQ01ABUxxxBW series is currently shipping to suppliers, however pricing information is yet to be unannounced.



HEXUS Forums :: 13 Comments

Login with Forum Account

Don't have an account? Register today!
So, is buying a drive which has encryption standards endorsed by the US government a good thing or a bad thing?
Maybe i am missing the point but isn't the idea of encrypting data to prevent unwanted people reading said data, so wouldn't a drive that self-encrypts allow anyone to just plug it in and decrypt it ?
Corky34
Maybe i am missing the point but isn't the idea of encrypting data to prevent unwanted people reading said data, so wouldn't a drive that self-encrypts allow anyone to just plug it in and decrypt it ?
No, because if an unauthorised system attempts to access data, the drive self-wipes.
Repressor
So, is buying a drive which has encryption standards endorsed by the US government a good thing or a bad thing?
Good question. I guess, in part at least, it comes down to who you trust and who you don't, and the extent to which you consider data to be exposed to different risks.

For instance, do I feel particularly at risk from getting lifted by the CIA, and having the NSA access my laptop data, using a built-in backdoor …. if such a back-door exists?

Or am I more worried about criminals using data on a stolen laptop for accessing my bank accounrs, or ID theft?

Well, personally, neither, to be honest. I don't do online banking, don't have data useful for ID theft on my laptop, and can't imagine why the CIA would conceivably be interested. A few years ago for security vetting due to family, maybe, but not now.

So, I'm not really bothered about the risk of data loss to crooks or the US government getting at my laptop, but if I were, I'd be far more concerned about crooks than spies. Personally.
Saracen
Well, personally, neither, to be honest. I don't do online banking,

It is convenient besides all your data gets sold on the back market from some guy in a call centre working for the bank.