Security to Be Focus in Dallas

Any storage professional headed for Dallas this week is likely to find a horde of suppliers eager to peddle data protection products and services. And it's no wonder: Security of corporate information is among users' top spending priorities.

What's on the agenda? Below is a sampling of security-related announcements expected at SNW this week:

Seagate, along with partners IBM and LSI, will outline long-term storage security plans, touting drive-level encryption as a way to avoid an embarrassing data breach.

Seagate already offers drive-level encryption on its notebook and desktop drives and is now looking to extend this technology into the data center.

"Customers are aware that their data is vulnerable," says Gianna Dagiau, senior marketing manager at Seagate. "Hard drives are susceptible to data breach when they get de-commissioned and leave the data center."Seagate's security technology, called Full Disk Encryption, involves a hardware ASIC on the drive, which encrypts data as it is written to the disk. "The encryption engine inside the drive matches the drive port's maximum speed, so it won't slow anything down," says Dagiau, adding that the technology will be available sometime next year.

IBM will provide the key management for Seagate's solution, which will be similar to the software already deployed on Big Blue's TS1120 tape drive. "We're using the encryption key management that we already have installed," explains Gordon Arnold, senior technical staff member for storage software and security at IBM.

Arnold says the vendor is planning to use the Seagate self-encrypting drives in one of IBM's own storage offerings, but he would not go into details.

LSI is also taking part in this effort by developing storage controllers that work with the drives.

By building 128-bit encryption into hard drives, Seagate hopes to severely limit the likelihood of a data breach and the associated recovery and compensation costs. "All it takes is one drive to fall through the cracks, and the end user is spending millions of dollars," says Dagiau.Seagate first unveiled its encryption strategy last year, citing plans to lock down data on its Momentus laptop drive. Since then, drive-level encryption has been added to the vendor's Barracuda desktop drive, leaving its Savio and Cheetah enterprise drives next in line.

Other vendors, such as Hitachi, have already made moves to offer drive-level encryption, although, like Seagate, these efforts have largely focused on notebook and desktop drives.

Another firm focusing on key management at SNW is NeoScale, which will take the wraps off a pair of integration "toolkits" for its KeyVault appliances. The two toolkits essentially open up the KeyVault APIs to potential disk and tape library partners.

NeoScale's move addresses key management as a bone of contention for users, who have already called for better interoperability from security and storage vendors.

Data protection specialist Reconnex has upgraded the software that runs on its family of iGuard appliances, unveiling version 7.0 of its eponymous software today. Key enhancements include a search feature that lets users trawl through emails, instant messages, and Web mail related to specific individuals or content, such as internal memos.The vendor has also added reporting capabilities that can analyze communications and highlight high-risk content and individuals. "What we have built is a set of 'learning applications' that sit on top of our platform that answer questions for organizations like 'What is my sensitive data?'," says Faizel Lakhani, Reconnex's vice president of products.

The exec explains that this reporting feature could be used to scan email correspondence and Websites visited by users, to identify, for example, the source of a leak.

Reconnex 7.0 is available today, free of charge to existing iGard customers.

Another security vendor, CipherMax, will announce today that its CM140T key management device can now manage keys for LTO-4 drives as well as legacy tape libraries and VTLs.

Meanwhile, data protection specialist Arkeia will debut its Central Management Server device in Dallas, which is used to manage the vendor's EdgeFort encryption devices. Pricing for the device, which is available today, starts at $5,000.Crossroads Systems will demo a slew of security products, including its ShareLoader and ReadVerify appliances, its TapeSentry encryption device, and Virtual TapeServer with SecureVTS encryption software.Have a comment on this story? Please click "Discuss" below. If you'd like to contact Byte and Switch's editors directly, send us a message.