ASI Ships the World’s First Laptop PC Featuring a Hard Drive with Built-in Encryption

The ASI EL80/C8015 notebook integrated with the Seagate Momentus FDE2 drive is a new security platform that delivers a simple, cost-effective way to deploy the highest levels of security for mobile computers by protecting data where it lives – on the hard disc drive

As the popularity of laptop computers continues to explode, so does the need for securing the financial data, customer information, intellectual property, and personal history stored on these systems. With over 35% of all data breaches resulting from a lost or stolen notebook, businesses such as medical, legal, or financial, as well as institutions including educational or governmental along with individual consumers face the increasing challenge of protecting their vital information from theft.

ASI EL80/C8015 Security Platform

  • Full Disk Encryption of all data and passwords

  • Complete hardware encryption allowing the drive to run at full interface speed to maintain normal drive performance levels

  • Encryption is always on and seamless to the user

  • Pre-boot password protection prevents unauthorized access to the drive even if removed from the notebook

  • Lower cost of ownership and easy to manage

  • Seagate Momentus FDE2 HD is National Institute of Standards and Technology (NIST) AES Encryption Certified

  • Testing Certified on FIPS (Federal Information Processing Standard 197)

 

Data @ Risk

With the increasing sales of notebooks, more and more critical data is going mobile. As a result, companies are at risk to have that vital information compromised as it can no longer be contained with in the walls of the organization. In fact, according to recent studies by the Ponemon Institute, over 35% of data loss occurred due to a lost or stolen laptop which represented a loss of $182 per record with a total cost ranging from approximately $1 million to $22 million

  • In August 2006, 49% of all reported data breaches were the result of a lost or stolen laptop (Privacyrights.org)

  • December 2005, 1 millionth record breached

  • Sept 2006 – Rueters – “1,100 Laptops Missing from US Commerce Department”

  • August 2006 Veterans Administration Hospital lost over 18,000 medical records of veterans as a result of a stolen laptop. The lost data again included name, address, birth date and SSN

  • June 2006 –eWeek – “Ameriprise Laptop Theft puts Client Database at Risk”

  • June 2006 the US Government Veterans Affairs lost over 1.1 million names of active duty military, reserves, and National Guard members as a result of a stolen laptop. The information that was lost contained name, address, birth date and SSN.

  • March 2006 – eWeek – Stolen Fidelity Laptop puts HP Workers at Risk”

  • May 2005 – The California Aggie – Laptop Containing 98,000 names Stolen from Berkeley Campus”

  • March 2004 – Information Week – Laptop Theft puts GMAC Customers at Risk”

 

Advantages of HW Encryption

The answer to protecting information from be seen or accessed by unauthorized users rests with a technology known as encryption which is a process that simply codes and decodes data as it is written or read from the computer hard drive. This technology has been available for some time through software but there have been several draw backs which have made it a far from ideal solution.

As with any software application the encryption process requires a heavy amount of processor overhead which means it must utilize the systems main processor to code or decode the data which causes the computer to perform below expectations as well as make employees less productive and more frustrated with their PC.  In order to address the performance issue many software programs only encrypt logical sectors of the drive which means some data is still vulnerable even without a password. 

This performance degradation also leads to another problem associated with software encryption and that is that they can easily be turned off by the user which means that even though a security solution is in place, it is not functioning because the user deactivated the program due to performance issues.

Another challenge related to software encryption programs occurs when an update or patch needs to be loaded on the drive which requires encryption to be turned off and for the drive to be decoded which can be a very time consuming process.  Of course, once the patch has been added, the drive needs to be encrypted which again causes delays for usability of the system. 

In general, software programs are not completely secure because passwords are stored in BIOS or on an open area of the hard drive making them easy to hack and once the password is known, all the data on the drive can easily be accessed which defeats the overall purpose of encryption so protecting the password is equally as important as securing the data.

 

ASI Security Platform

The solution to the problem of data protection on a laptop is the ASI C8015/EL80 NB which incorporates technology from Wave Systems and Seagate Technologies to offer a notebook that protects the information stored on the drive by using a hardware solution that completely encrypts the data and locks the drive through pre-boot password authentication to prevent unauthorized access. Even if the drive is removed from a stolen notebook or sent to a data recovery lab the information can not be viewed nor can the password be hacked making it completely secure.

The encryption technology deployed in the ASI NB has many unique design features that help deliver exceptional performance and security.  First, the Seagate hard drive includes its own controller chip which is integrated on the drive. This chip is tasked with the responsibility of coding as well as decoding the information stored on the hard drive so the job is not handled by the systems main CPU as would be the case with a software program. This Native or hardware encryption solution prevents any performance degradation because it keeps the systems main processor free to perform other tasks.

Second, Seagate has added an additional hidden partition used to store the password as well as other vital information. This encrypted partition is not part of the overall storage capacity of the drive so it is completely inaccessible and secure. It also means that since the password is stored on this secret partition on the drive and not in BIOS as with software or other hardware solutions it travels with drive so if the drive is removed from the notebook, the password would still be required in order to access the drive.

Last, Wave Systems Trusted Drive Manager which is the software program interface for the password helps simplify setup and configuration of the Seagate Momentus 5400 FDE.2 hard drive as well as make it easy for administrators and users to create and back up passwords.  It also allows administrators to control hard drive policies and security settings as well as easily erase all data including the operating system cryptographically so the drive can be safely redeployed or discarded.

 

Government Legislation

Data theft is one of the fastest growing high tech crimes in the US and this has not gone unnoticed by many state governments which have enacted laws that specifically require some form of data encryption. In fact, 29 states have laws such as the Gramm-Leach-Bliley Act, the Health Insurance Portability and Accountability Act (HIPAA), or California SB1386 that require encryption compliance and full client disclosure in the event of any type of data loss.

In addition to specific laws that are being written to address data security, President Bush has issued specific directives to all branches of the US Government that they must use encryption on all mobile devices. While this certainly raises compliance issues, it also creates opportunities for those resellers that can differentiate themselves by offering a notebook with built in hardware encryption like the ASI EL80/C8015 notebook.

 

Impact of Data Loss

Compliance is one concern but maybe more critical is the issue of disclosure which could have a serious impact on an organizations revenue due to a loss in customer confidence.  Recent studies indicate that 20% of a companies clients say they would immediately end their business relationship, while another 40% claim they would consider ending their partnership, and still 5% more would consider legal action if they were told their personal records had been lost due to a theft.

 

Back Up Solutions

The encryption technology used in the ASI notebook is a powerful solution designed to protect the data stored on the drive and as such, it can not be recovered if passwords are forgotten or the drive fails.  Therefore, it is critical that the user also deploys proper back up protocol by saving their data to some type of external storage. Most commonly, people are using external hard drives which are available form ASI. This is a vital component of the entire Security Solution.
 
Return to top