Seagate estimates there are about 50,000 drives a day coming and going from data centers. The cause for concern is all the data that is exiting these data centers and where those drives eventually wind up.
Given the amount of data that can be stored on a single disk drive, that's a legitimate concern. Seagate and other hard-drive vendors have been pushing IT organizations to be more aggressive about adopting drives that come with built-in encryption. With more processing power available than ever, processing encryption is more practical, so it makes sense that this security technology should be more broadly applied.
In addition, recent breakthroughs have shown that the processing of live data can actually take place while data is still encrypted using techniques referred to as homomorphic encryption.
Seagate earlier this week announced that its Cheetah, Constellation and Savvio drives have received FIPS 140-2 certification from the U.S. government. Theresa Worth, a senior product marketing manager for Seagate, says that as the government becomes more concerned about security, she would not be surprised if the government applied a more stringent encryption mandate for disk drives on every company doing business with the federal government. In addition, many companies are mandating higher levels of security regardless of government requirements, said Worth.
When it comes to using encryption on hard drives, the biggest issues would seem to be replacing the sheer number of hard drives in use and the inertia that goes with that process. But given all the concern about security breaches, you can't help but wonder if we need to be more aggressive about adopting encryption.
It might not make sense to put encryption everywhere just yet. But it's more affordable and practical to use in more places than ever. And major advances in managing and processing encryption appear to coming rapidly.
When the the next major breach involving a lost hard drive inevitably happens, who will be held responsible for not taking some basic encryption precautions? When business managers and customers are looking for someone to blame, unwanted attention quickly finds its way to IT operations.
So the next time you're installing a new set of disk drives, ask yourself what would happen to not only the company, but also the people working in the IT department, should any of those drives go missing.