Pickpockets vs. Purse-snatchers: Why Data-at-rest Encryption Matters

October 2015 update:  With the availability of SCOS version 6.7, SC Series arrays now support SEDs in both SSD and HDD formats, offering even more options for secure, high-performing datacenters.


 I recently saw a woman laboriously secure her purse latch with a small decorative padlock after paying for her items at a coffee shop. Already amused, I almost laughed out loud when I later observed the same purse sitting unaccompanied on a table while the woman chatted with friends in a nearby booth. 

I have no idea what she had in that bag or how the afternoon played out for her, but as many things do, the scene reminded me of a data storage analogy… 

Ready for the elegant attack

This woman had a great solution (the padlock) to protect her valuables from “artful dodgers” on the subway – skilled practitioners who might nimbly extract items from her purse while she was in transit. 

In the datacenter security world, companies spend millions of dollars for the same assurances. As the frequency and severity of data breaches continue to rise, entire industries have grown up to help organizations avoid joining the growing ranks of SMBs to Fortune 500 businesses known to be deeply impacted by data theft and loss. Network security has received the most attention, with complex and somewhat glamorous solutions now offered to safe-guard corporate perimeters from the most sophisticated attacks on data-in-flight.

But what about Captain Obvious?

However, not all criminals are subtle – and like the woman in the coffee shop, many companies seem oblivious to the risk from a simpler, but equally serious threat.

The strongest network firewall in the world won’t protect you from an unscrupulous visitor or employee who simply walks off with your storage media. According to the Identity Theft Resource Center, over 12% of reported breaches occurring between 2005 and 2014 involved physical theft of data storage devices or media.  And one of the biggest data breaches of all time, Court Ventures, was an inside job.  Sure your network may be impregnable – but if you’re not guarding data-at-rest, it’s a bit like padlocking a purse. For the right thief at the right time, your valuable financial, healthcare or intellectual property assets could be easy pickings.

No reason to be insecure

Fortunately, powerful solutions now exist to plug this gap – and Dell Storage SC Series Self-Encrypting Drives (SEDs) are among the best and easiest-to-implement. These government-approved enterprise-grade drives provide military-grade encryption at a minimal cost. With Dell’s SC Series solution, no new array hardware is required (other than the drives themselves), and unlike other vendors, you can roll out your deployment incrementally on an existing array.  Plus, the performance is outstanding.  Despite the strong encryption, there’s no appreciable IOPs difference. You simply install and use the SEDs like any other drive.

Dell's SED encryption is built directly into the media and can’t be turned off. The entire drive is automatically and cryptographically rendered unreadable when removed from your secure environment.

In other words, if someone does manage to run off with your purse, they’ll find it empty! 

Don’t get me wrong – both network and data-at-rest security are essential for full protection. I just think you should have a truly comprehensive plan in place before you enjoy your latte. But once you do, feel free to relax – your data’s safe with Dell.

Read this brief to learn more


Read about other Dell security solutions (October, 2015 press announcement)

About the Author: Marty Holmes