by Jacqueline Emigh
Toshiba has announced new technology aimed at securely erasing user data from PCs, network-attached storage (NAS) devices, printers, and other computer products before a system gets disposed of or passed along to other users.
The new software code, which is known as Wipe, is now being included in Toshiba’s Self-Encrypting Drives (SEDs), a line-up of hard disk drives (HDDs) aimed at providing on-board encryption and advanced access security.
The new Wipe feature is touted as ridding the system of sensitive user data when the system is powered down, or when an SED is removed from the system.
Toshiba’s SED drives are targeted at businesses in addition to government agencies. Compliant with the Trusted Computing Group’s “Opal” specification, the drives are designed to meet laws and regulations around data security and privacy.
How Wipe works
The Wipe technology works by automatically invalidating an HDD security key when its power supply is turned off without taking predetermined measures, immediately making all data in the drive indecipherable, Toshiba said in a statement.
Toshiba introduced Wipe as an enhancement to its latest 2.5-inch 7200 SED HDDs for notebook PCs, released in July.
Yet the company is now urging the adoption of Wipe in copiers and printers, a category of products which can also raise security concerns because of their ability to store copies of documents for a long time.
The Wipe feature can also be useful for leased systems, since users can eliminate sensitive data before returning the systems, according to Toshiba officials.
How SED works
Toshiba first introduced its Self-Encrypting Drive technology back in mid-2009, stating at the time that SED would use Wave Systems’ Trusted Drive Manager application to encrypt all data on an HDD with NIST-certified encryption technology integrated into the hard drive controller chip. Toshiba’s SED also utilizes other certified algorithms for delivery of strong authentication and access control.
In its original SED announcement, Toshiba reportedly said that the technology uses two keys: an encryption key inside the drive and a separate authentication key. Data is automatically encrypted, or scrambled, when it comes to the drive, and the separate authentication key is needed to decrypt it.
Other makers of computer systems have adopted similar self-encryption features. For example, EMC reportedly has used encryption of this kind from RSA in its storage products.
Wipe can be “easily incorporated”
In its statement this month, Toshiba said that its new Wipe feature can be “easily incorporated” into existing system architectures.
Systems designers can set various “data invalidation attributes,” such as “data encryption and secure invalidation on power cycle,” and “data encryption and preservation on power cycle,” according to company officials.
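The key-invalidation idea described above can be sketched as a small model. This is an added example, not Toshiba's code: the class, its method names, the "prepared" flag standing in for the unspecified "predetermined measures," and the SHA-256 keystream used in place of the drive's hardware cipher are all assumptions made for illustration.

```python
import hashlib, hmac, os

def _keystream(key: bytes, lba: int, n: int) -> bytes:
    # SHA-256 in counter mode stands in for the drive's hardware cipher (toy only).
    blocks = (hashlib.sha256(key + lba.to_bytes(8, "big") + c.to_bytes(4, "big")).digest()
              for c in range((n + 31) // 32))
    return b"".join(blocks)[:n]

class ModelSED:
    """Conceptual model; every name here is hypothetical, not Toshiba firmware."""
    def __init__(self, auth_secret: bytes, invalidate_on_power_cycle: bool):
        self.invalidate_on_power_cycle = invalidate_on_power_cycle
        self._salt = os.urandom(16)
        self._auth = self._kdf(auth_secret)   # verifier for the authentication key
        self._dek = os.urandom(32)            # encryption key, held inside the drive
        self._media = {}                      # LBA -> ciphertext as stored on disk
        self._unlocked = False

    def _kdf(self, secret: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", secret, self._salt, 100_000)

    def unlock(self, auth_secret: bytes) -> bool:
        self._unlocked = hmac.compare_digest(self._kdf(auth_secret), self._auth)
        return self._unlocked

    def _crypt(self, lba: int, data: bytes) -> bytes:
        if not self._unlocked:
            raise PermissionError("drive is locked")
        return bytes(a ^ b for a, b in zip(data, _keystream(self._dek, lba, len(data))))

    def write(self, lba: int, plaintext: bytes) -> None:
        self._media[lba] = self._crypt(lba, plaintext)

    def read(self, lba: int) -> bytes:
        return self._crypt(lba, self._media[lba])

    def power_cycle(self, prepared: bool = False) -> None:
        self._unlocked = False
        if self.invalidate_on_power_cycle and not prepared:
            self._dek = os.urandom(32)  # assumption: old key is overwritten, not just hidden

def survives_power_cycle(invalidate: bool, prepared: bool = False) -> bool:
    secret, record = b"constructed-passphrase", b"constructed sample record"
    drive = ModelSED(secret, invalidate)
    drive.unlock(secret)
    drive.write(0, record)
    drive.power_cycle(prepared)
    drive.unlock(secret)
    return drive.read(0) == record
```

In the model, the stored ciphertext is never touched: once the encryption key is replaced, a correct authentication secret still unlocks the drive but reads return only noise.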