Skip Links

Disk-drive encryption gets boost from Opal standards effort

Addresses debate over application- vs. hardware-based encryption

By , Network World
January 29, 2009 03:58 PM ET

Network World - The Opal industry-standards effort unveiled this week by the Trusted Computing Group should prove a boon to information technology professionals exploring desktop encryption options.

The Opal Security Subsystem Class Specification 1.0, as it's officially called, offers a set of mechanisms and protocols for disk-drive encryption, authentication, configuration and policy management. When implemented in disk drives and supporting client and security-management software, Opal would provide IT managers with flexibility and interoperability in managing computers using Opal-based encryption.

"That's what we expect with this, the ability to mix and match, and we're keeping an eye on it going forward," says Ken Waring, IT director at CBI Heath, the Toronto-based Canadian healthcare provider, which today uses Seagate's embedded disk-drive encryption in Dell computers, with Wave Systems management software, to protect sensitive data.

While CBI Health has found hardware-based disk encryption an excellent way to protect data, the only negative is "it's restricting us to one model," says Waring. Opal promises to bring a new level of interoperable security so that IT managers could mix and match manufacturers' Opal-based disk drives and vendor software management tools.

Backers of TCG's Opal initiative, which makes use of the Advanced Encryption Standard (AES), include disk-drive manufacturers Fujitsu, Hitach, and Seagate, as well as software vendors Wave, WinMagic, CryptoMill Technologies and others. Fujitsu, for instance, is promising Opal support in all of its Notebook drives, both the 5400 rpm and 7200 rpm, during the second quarter.

"The basic objective is how do we embed security in the drive, to have encryption and authentication, and do it in a standardized way so it works no matter what drive you have," says Lark Allen, vice president of development at Wave, which has demonstrated Opal-based interoperability with its Trusted Drive Manager working with Fujitsu's Opal implementations.

Opal is among the latest efforts to satisfy the growing corporate demand for disk encryption. According to Forrester's survey of 942 IT and security managers in North America and Europe,  full-disk encryption was cited as the top client security technology to be piloted or adopted this year.

Encryption is fast becoming a necessity for both stored data and in transit.

In some industry sectors, particularly healthcare, both in the United States and abroad, encryption has become a necessity to satisfy regulatory requirements.

"The Department of Health requires that no patient data be sent unless it's encrypted," explains Saeed Umar, the IT project manager at Lancashire Teaching Hospitals NHS Foundation Trust based in London.

The hospital system, which provides healthcare to hundreds of thousands of individuals and educates medical students from the University of Manchester and the University of St. Andrews, has a staff of 6,500 and about 4,000 PCs.

Umar says the healthcare organization two years ago settled on using Voltage SecureMail to encrypt sensitive information that was e-mailed, because it works without requiring client software on the receiving end. "I wanted e-mail anywhere, and this works to send e-mails anywhere securely," says Umar.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News