File Share Encryption

 View Only

  • 1.  Using WDE with a Self-encrypting Hard Drive

    Posted Oct 27, 2011 01:03 PM

    Having already purchased and been using PGP for a while now, and just now going through the loss of some hard drives with info on them, we decided to purchase some self-encrypting hard drives, specifically Seagate Constellation ES model # ST3500416SS.

    To support or manage the SED I will be using Wave System's Embassy Security Suite software on a Dell T7500 Precision Workstation using Win 7 Ultimate 64-bit with either PGP WDE 10.1.2 or 10.2.

    What I want to do is use both my PGP with the SED.  The guy at Wave told me he thought that using both systems at once may cause problems.  But I really, really, really want to use both.  Because PGP is a known quantity, who has survived numerous hax by thieves and governments, I trust it.  While the SED is new tech and an unknown, but hopefully really cool, quantity.  But I want to have the double security so I can sleep at night.



  • 2.  RE: Using WDE with a Self-encrypting Hard Drive

    Posted Oct 27, 2011 01:18 PM

    The following are from the current PGP Desktop Release Notes:

    Any drives with a sector size other than 512 bytes are not supported by PGP WDE and cannot be encrypted.

    Software incompatibility with the PGP Whole Disk Encryption feature: Certain programs are incompatible with the PGP Whole Disk Encryption feature; do not install these products on a system with PGP Desktop, and do not install PGP Desktop on a system with these products installed:

        Faronics Deep Freeze (any edition) [15443]
        Utimaco Safeguard Easy 3.x. [8010]
        Hard disk encryption products from GuardianEdge Technologies: Encryption Anywhere Hard Disk and Encryption Plus Hard Disk products, formerly known as PC Guardian products. [12005, 12065]
        Safeboot Solo co-exists on the system but blocks PGP WDE.
        SecureStar SCPP co-exists on the system but blocks PGP WDE.
        Wave Systems' Dell Embassy Trust Suite co-exists on the system but causes the system to slow down. [19297]



  • 3.  RE: Using WDE with a Self-encrypting Hard Drive

    Posted Oct 27, 2011 02:05 PM
    I would not recommend using software based FDE on a Self Encrypting drive regardless of the encryption vendor.


  • 4.  RE: Using WDE with a Self-encrypting Hard Drive

    Posted Oct 28, 2011 04:02 AM

    Too me a lot of this stuff seems nothing more than pure speculation.  Have their actually been head to head challenges?

     

    I do promise y'all this:  as soon as I get me SEDs all set up, I will install PGP WDE and let you knows know what happens.  But if the city of San Antonio suddenly turns into a smoking crater, please tell my family that good ol' Haywood         BG  Jablome loved them all,(except for my Anal Angus, he's a pain in the ass).  Colonel Angus , now he's a good guy.  Makes all them pretty ladies smile - and some not so pretty, too.

     

    But, for real, I want to know if this will work and if not, why.  If anyone else has any insites, I would appreciating hearing them.

     

     

    Cheers -



  • 5.  RE: Using WDE with a Self-encrypting Hard Drive

    Posted Oct 28, 2011 10:37 AM

    Sure it should work but why would you want to do that? Most encryption vendors I've talked to won't support it.

    Your basically defeating the purpose of moving away for software based FDE. Your looking at adding overhead from a performance standpoint, complicating data recovery in some cases, and introducing all of the software FDE issues like application conflicts, hardware conflicts, etc....



  • 6.  RE: Using WDE with a Self-encrypting Hard Drive

    Posted Oct 28, 2011 03:28 PM

    The reason why is because this SED stuff is new stuff (at least to me), yet I know that PGP is tried & tested (juding by news reports about the govt complaining that it cannot decrypt it and, thus, trying to force people to divulge passwords via subpoena).  I have not heard of any news reports about SEDs being tested or compared against software encryption, nor have I heard of anyone trying to hack them to see if they can break them.

     

    If anyone here has heard of such reports or studies I would greatly appreciate a link.

     

    A second reason is I am extremely paranoid.  I work in a law firm and we have already had to deal with the theft of hard drives once before (which lead to this purchase of the SEDs).  While we had PGP on those drives, I want to make extra certain that all of our stuff is more then 100% safe.



  • 7.  RE: Using WDE with a Self-encrypting Hard Drive

    Posted Oct 28, 2011 04:00 PM

    Make sure you are using opal compliant and FIPS certified hard drives. You also need to use a HDD password or preferably a 3rd party vendor to manage the SED drive.

    http://www.trustedcomputinggroup.org/files/static_page_files/B1F59D21-1A4B-B294-D0B0998A3BDCF381/SED%20Solutions%20for%20Data%20Security_May192010.pdf



  • 8.  RE: Using WDE with a Self-encrypting Hard Drive

    Posted Oct 29, 2011 06:30 PM

    Seagate Constellation ES model # ST3500416SS, which are Opal and FIPS certified.

    To support or manage the SED I will be using Wave System's Embassy Security Suite software  



  • 9.  RE: Using WDE with a Self-encrypting Hard Drive

    Posted Oct 31, 2011 11:30 AM

    This would be sufficient