Toshiba samples encrypted
SAS SSD
Editor:- January 6, 2013 - Toshiba
says
it's sampling a new range of 2.5"
SAS MLC SSDs - with
self encrypting security
features and on board
sanitization.
The PX02SMQ/U has upto 1.6TB capacity.
Crocus will sample secure fast MRAM controllers in January
Editor:-
November 5, 2012 - Crocus
Technology today
announced
that in January 2013 it will sample 1.2MByte high speed SIMs and small secure
MRAM
controllers. The
fast R/W speeds will enable optimized personalization and over-the-air updates
in NFC-enabled
smartphones.
"The CT32MLU product family breaks the barrier of traditional
non-volatile memory that
will provide smartcard makers with best-in-class secure element microcontrollers
with a 20 to 30% smaller footprint," said Alain Faburel,
VP security business unit at Crocus Technology.
SSDs or hard drives? - the data forensics differences
Editor:-
October 23, 2012 - When you need to retrieve critical unbacked up data from a
damaged notebook (which you left in the car when you clambered out the
window after realizing that the puddle across the road was much deeper than you
first thought) you call the process "data recovery" - but
when a court seizes a suspect's notebook to try and retrieve data which may have
been deliberately "deleted" - they call it "data forensics"
- either way - in the most demanding cases the experts who work on these tasks
are the same.
SSD Data Recovery
(as opposed to dumb flash memory recovery) is a relatively new market which
didn't exist 5 years ago.
A recent article
Why
SSD Drives Destroy Court Evidence - on a site called
ForensicFocus.com - discusses how
techniques which are essential to the operation of flash SSDs (such as
garbage collection
and wear leveling)
mean that from the forensic viewpoint SSDs yield up potentially much less
deliberately deleted recoverable data than hard drives.
Microsemi gets NIST certification for rugged 2.5" TRRUST-Stor
SSD
Editor:- August 28, 2012 - Microsemi today
announced it has
achieved NIST
certification for the AES (encryption ) algorithm on its ultra-secure
rugged TRRUST-Stor
SSD.
A note on the NIST site says - "the XTS-AES-256
implementation runs in an Altera FPGA."
RunCore's video - phone to purge USB SSD
Editor:-
May 22, 2012 - sometimes if I'm watching a movie I realize it's going to be
bad - but in a way which is nevertheless all too fascinating to watch. How bad
it will get? Look! - see it's getting worse - but still taking itself
seriously. So - instead of zapping it like I should - I stay transfixed.
Such bad movies are an artform.
What about promotional videos though?
- on the subject of SSDs...
Mostly these are just time wasting. But
today - in the "so dreadful I kept watching it nearly to the end"
category was a
new video
on YouTube from RunCore about its Xapear SSD.
RunCore was the first
company to haul "phone to
purge capability"
over the cost
chasm which divides military
SSDs over to the
consumer SSD market
- which it did 2
years ago - and the new video is simply about their latest model which
combines RFID with the phone zap technology in an external USB connected SSD.
As a security
concept I was convinced the idea had merit - when I first wrote about it 2
years ago. So I wasn't keen to see another new video about the same topic. But
I'm glad I did - because it's an artform. ...click to
watch video
Samsung enters fast erase SSD market
Editor:-
January 5, 2012 - Samsung
has entered the fast
purge SSD market - which currently numbers about 25 companies.
The
company says that models of its PM810 2.5" SATA SSD family with its Crypto
Erase technology deletes targeted data in a couple of seconds regardless of the
overall volume of data or the capacity of the SSD. These models have been
validated for compliance to
NIST
FIPS 140-2
a new way to kill flash SSD data
Editor:- March 15,
2011 - Pangaea
Media has recently entered the
SSD backup market with a
removable 2.5" SSD
which integrates backup,
encryption and a
completely new (to me) patented
fast purge
technology.
SSD Bookmarks - from Foremay's CTO and co-founder
Editor:-
March 1, 2011 - StorageSearch.com
today published
SSD Bookmarks
- suggested by Jack H
Winters, CTO, Foremay
.
Jack H Winters' suggestions are focused on the topic of
managing data security in flash SSDs (both in working and not working devices).
These links take you on a tour of the published state of the art in fast /
secure SSD data erase and the related issue of SSD encryption.
RunCore launches world's 1st CF card SSD with fast purge
Editor:-
November 9, 2010 -
RunCore has launched
the world's first CF card compatible SSDs with fast (typically 30 seconds)
on-board sanitization
functions.
The fast erase - which is designed to protect confidential
data leaks and thwart any attempts at
data recovery - is
achieved by pressing a button or activating erase pins while the device is
powered. It can be once again used by formatting after the data destruction
process.
Editor's comments:- due to the popularity of the CF
form factor in consumer products many equipment designers have adopted it as a
convenient way of incorporating solid state storage into products in the
industrial, medical and prosumer markets. Without an on-board fast purge feature
- achieving effective
disk sanitization
as a software process in an SSD can take upto 24 hours (depending on disk
capacity). RunCore's industrial CF cards are true SSDs with wear-leveling,
vibration tolerance and low power consumption.
a reader asked me about notebook SSD encryption
Editor:-
June 29, 2010 - a reader asked me some good questions about
notebook SSD encryption.
Did encryption impact performance and endurance? Had I already written about
this in another article he had missed? ...see what I said
Nasuni offers $5,000 to successful espiones
Editor:-
June 22, 2010 - I have to hand it to the marketers at Nasuni - they've come
up with a
clever
promotion scheme.
Cynics (aka experienced computer realists) are
worried that cloud storage
may be inscecure - right?
Nasuni say - that the 1st person who can
reveal the contents of a file which they have made
visible
here can win $5,000.
"We're aware that many businesses are
dubious about cloud storage for security reasons," said Nasuni CEO and
co-founder Andres Rodriguez. "Data leakage is a major concern. With cloud
storage, you have to entrust your data to an outside party, and your data is
swimming around in the cloud with other customers' data. Intuitively, it seems
risky. Customers are smart to be wary. But we've built a system that protects
against these risks. We're confident that Nasuni can keep your data safe in the
cloud, and we are willing to go the distance to prove it."
Editor's
comments:- the clock is ticking. After 30 days - the company will donate the
"unwon" money to a good cause.
Who's going to crack it 1st?
- the Russians? or Chinese? Or has an NSA spook read the message already by the
time you see this posting - but won't claim the prize - because that would be
revealing too much.
I bought the 1st UK edition of
the
Cuckoo's Egg (1990) - and I can still remember the thrill of reading how a
barely noticeable security intrusion was traced over many modem hops and
international routes and much elapsed time and effort to reveal a real-life
espionage. Storage
Security
Super Talent's Cryptic USB3 SSD
Editor:- March 2,
2010 - Super
Talent Technology today
announced
imminent availability of a new
encrypted
USB 3
flash SSD - with
upto 256GB capacity.
When I asked for more technical details I was
told the datasheet isn't ready yet. The USB 3.0 SuperCrypt is a true SSD (with
wear-leveling).
Internally the module (95 x 34 x 15.4 mm) is a
SATA SSD with a USB
bridge chip.
Fast Purge flash SSDs
Editor:- September 25, 2009 -
StorageSearch.com today
published a new directory of Fast Purge flash SSDs.
The
need for fast and secure data erase - in which vital parts of a flash SSD or
its data are destroyed in seconds - has always been a requirement in military
projects. Although many industrial SSD vendors are offering their products with
extended "rugged" operating environment capabilities - it's the
availability of fast purge which differentiates "true military" SSDs
which can be deployed in
defense applications.
Most Secure USB Flash Memory Stick
Editor:- July 13,
2009 - IronKey
today announced the launch of its S200 USB flash drive for government and
enterprise customers.
IronKey's CEO David
Jevans said: "The IronKey S200 is the first and only
USB flash drive to achieve
the demanding FIPS 140-2, Level 3 security validation from NIST, giving even
more proof that IronKey is the world's most
secure flash drive. We
are also releasing a suite of new enterprise remote management capabilities,
available over the Internet from the IronKey managed service, or from our
enterprise server software that companies can install and operate themselves."
WD Ships 2TB Surveillance Drive
Editor:- May 19,
2009 - WD
announced availability of a 2TB model in its
AV-GP
line of hard drives
designed for the surveillance market.
Designed to last in always-on
streaming digital audio/video environments the new
SATA compatible
drive (MSRP $299) supports playback of up to 12 simultaneous HD streams.
SoleraTec Lightens the Load for Searching Streaming Surveillance
Camera Storage
Editor:- April 27, 2009 - SoleraTec has
incorporated support for the
Real Time Streaming
Protocol that allows for the direct video feed capture of IP-based video
surveillance cameras in version 5.2 of its
digital surveillance manager
software (SVM).
SoleraTec says its software is unique in its
ability to provide a file-based search and retrieval interface that enables the
user to actually play video surveillance files without first needing to retrieve
original hi-res assets from storage.
When its SVM ingests files, it
automatically creates low-resolution proxy files for fast search and view. Once
a desired video asset has been selected, clipped, and marked for export, the
new, user-configurable "extended export" functionality enables the
user to export needed data in a variety of ways, such as FTP, email, and local
file systems. Pricing for Phoenix 5.2 starts at $996.
EScon Launches Encrypted Desktop Storage
Editor:-
April 16, 2009 - EScon
has launched the Guardian MX-4 range of
eSATA connected
encrypted desktop
storage enclosures for the European market.
EScon's Managing Director,
Tony Howard, says "Backing up data to protect against hardware failure or
accidental deletion is universally accepted as good business practice, however
securing data against theft is less easy to guard against and may not even be
recognised as a threat. The focus is most often on ensuring the physical
security of the building in which the data is housed rather than on securing the
data itself."
Olixir Announces DataVault Support for FIPS 140-2
Washington, D.C. - March 9, 2009 -
Olixir Technologies announced it will add new security features to
its family of DataVault hard drives in Q2 2009.
This will make them
fully-compliant with the requirements outlined in the Federal Information
Processing Standards
FIPS 140-2.
Incorporating an advanced set of security features including anti-virus,
anti-malware and encryption agents, which have already been approved by the DOD
DARTT Team, Olixir's external drives will meet all criteria to be connected via
USB cables to U.S.
Department of Defense networked computers. This comprehensive security
capability will be resident on the Mobile DataVault products and run
independently of the host computer to proactively protect the drive and the
network from malware and virus infections.
...Olixir Technologies
profile
Sun Proposes Standardizing Tape Storage Encryption
Santa Clara, CA -
February 17, 2009 - Sun Microsystems today announced an open source
initiative for removable storage encryption in Solaris environments.
This
is based on the key manager which Sun already uses in some of its
Tape Libraries.
ZoneLoc Prevents flash SSD Data Walking into the Wrong Hands
Phoenix, Arizona - February
12, 2009 - White Electronic Designs Corp announced a new technology -
ZoneLoc - which automatically desanitizes a flash SSD to military standards
- when the device is moved outside a specified operating zone - to prevent data
falling into enemy hands.
The boundary can be tied to a fixed
location or made to be portable for mobile applications. ZoneLoc has
configurable features and options, including audible warnings, programmable
response times, wireless remote purging and sensitivity modes. Because the
protected device takes its own action, autonomously, security is guaranteed.
...White Electronic
Designs profile, Storage
Security, Disk
Sanitizers
Dress Down Jeans are Less Risky than Smart Suits - Implies
Survey
Editor:- January 19, 2009 - Dry Cleaners are becoming an
unintended potential recycling point for
USB storage - according to
a report today from CREDANT
Technologies.
In a phone survey of 500 laundries in the UK -
CREDANT found that on average 2 USB sticks were found each year by each site.
Dry cleaners in the suburbs, on the commuter belt or based in city centres find
the most USB or memory sticks. One dry cleaner in the heart of the City of
London said he is getting an average of 1 USB stick every 2 weeks, another said
he had found at least 80 in the past year.
Extrapolating from this sample, the company estimates the UK annual
figure for USB storage left at dry cleaners to be over 9,000.
Are
Brits more forgetful than others? Or does this show that wearing casual clothes
(which can be processed in your own washing machine) presents a lower
security risk than
formal suits. See also:-
Disk Sanitizers
Job Uncertainty Increases Risks of Illegal Data Migrations
Editor:- December
1, 2008 - Cyber-Ark has published results of a recent international IT
security survey called - "the Global Recession and its Effect on Work
Ethics".
The 600 respondents included office workers from New
York's Wall Street, London's Canary Wharf and Amsterdam in Holland.
50%
of US responders and 27% in the UK said they would be willing to work
80 hours a week if it meant they could keep their jobs. Nevertheless, there
is a risk that workers are using their IT privilege access rights to
conspire behind their bosses' backs to download vital, useful and competitive
information to take with them if and when they get the push.
56% of workers surveyed admitted to being worried about losing their
jobs. Alarmingly, in preparation, more than half have already downloaded
competitive corporate data and plan to use the information as a negotiating tool
to secure their next post. Top of the list of desirable information is the
customer and contact databases, with plans and proposals, product information,
and access/password codes all proving popular choices.
Memory sticks are the
smallest, easiest, cheapest and least traceable method of downloading huge
amounts of data, which is why this is often considered the "weapon of
choice". Other methods were photocopying, emailing, CDs, online encrypted
storage websites,
smartphones, DVDs,
cameras, SKYPE, iPods. ...read the
report (pdf), ...Cyber-Ark
profile, Storage
Security
STMicroelectronics Samples Secure e-Passport Microcontroller
Geneva,
Switzerland - November 25, 2008 - STMicroelectronics is sampling a
new microcontroller for secure identity cards.
The ST23YR80, which offers contact and contactless interfaces,
complies with the most advanced security smartcard standards and meets
ICAO requirements for machine readable
travel documents. The EAC (extended access control) e-Passport operation will
be supported in less than 3.5 seconds. The device can also optimize the
operating distance and transaction time by adapting its processor clock speed to
the magnetic field of the application reader It has 80Kbytes of onchip flash
memory to store extra biometric data.
...STMicroelectronics
profile, storage chips
Oxford Semi Dangles DAS Dongles
MilpitasCalif. -
November 4 , 2008 - Oxford Semiconductor today unveiled 2 new DAS
security encryption chips.
Aimed at
storage oems - the
OXUS931SE and OXUFS936DSE feature an embedded hardware encryption engine
enabling real time encryption with no loading on the host PC.
The
OXUFS936DSE
supports FireWire,
USB and
eSATA interfaces and
2 directly connected SATA disks. In addition, the device offers a range of LCD
and LED user interfaces that are supported by the flexible software framework,
greatly enhancing its capacity for product differentiation.
The OXUS931SE
is aimed at the consumer who needs low cost, single-drive secure storage. In a
traditional implementation, the OXUS931SE acts as a high performance bridge from
USB2.0 or eSATA ports to a SATA
hard disk drive in an
external storage box
supporting all current PC and Mac platforms. And, because of the OXUS931SE's
high performance, it can also be implemented as a internal security dongle
between a SATA port on the system motherboard and any internal SATA disk drive
without any loss of throughput, for a fast and easy upgrade to a secure
information system.
...Oxford
Semiconductor profile
New Tool Helps Reduce Identity Theft
NEW
YORK - September 16, 2008 - Identity Finder, LLC announced the
upcoming release of Identity Finder Enterprise Edition 3.5 and their newest
product, Identity Finder Monitoring Console.
Identity Finder
Enterprise searches computers for Personally Identifiable Information and helps
employees clean the data it uncovers, protecting themselves and their employers
from confidential data loss. One of the biggest challenges to preventing data
leakage is discovering all the places data exists. It can easily become buried
anywhere on a computer such as within a hidden column in a spreadsheet from years
ago.
Todd Feinman, Identity Finder's CEO, says, "Organizations can no
longer rely on simple anti-virus suites to protect information as there are an
ever increasing number of threats that steal personal data -- from viruses,
worms, and Trojans to spyware, botnets, and malicious web application exploits.
Even file sharing programs, voluntarily installed by many individuals, have
become a large source of data loss and full hard disk encryption cannot protect
against sensitive data exposure in these scenarios. Tools such as Identity
Finder are required."
...Identity Finder
profile | |
| . |
|
| |
... |
 |
| ... |
 |
| . |
|
| . |
| |
