Brief
High Performance
Intel RAID Controller performance-opti-
mized architectures with self-encrypting
drives allow for exceptional data security
with virtually no performance impact.
While other encryption methods may take
place at the software or controller level,
which can negatively impact process-
ing resources, encryption resides on the
drive itself. When SafeStore local key
management authorizes encryption, no
CPU cycles from the host are necessary
and the transfer of I/Os can occur without
interruption.
Cost-effective
Intel RAID Controllers powered by LSI
MegaRAID technology with SafeStore local
key management provide protection from
the high costs associated with a breach in
data. In fact, a 2008 study
1
found that a
breach can cost up to $202 per exposed
record and more than $6.6 million per to-
tal reporting company on average. At only
a small percentage of the total cost of the
storage solution which can house hun-
dreds of thousands of records, SafeStore
local key management and self-encrypting
drives can save an organization up to mil-
lions of dollars by avoiding an unexpected
breach.
Alternative and costly methods of data
erasure can be avoided with SafeStore
instant secure erase which does not
require hefty transportation and service
expenses to erase or destruct the drive’s
data. In addition, instant secure erase
reduces overall hardware expenditures
by re-provisioning existing drives instead
of the alternative of replacing destroyed/
disposed of drives in which additional
hardware purchases are needed.
Simple
SafeStore local key management pro-
vides the necessary management and
protection of self-encrypting drives
using a simple pass phrase, security key
identier, and security key le which can
be set and applied to all self-encrypting
drives assigned to an Intel RAID adapter.
This process removes the complexity of
managing each self-encrypting drive’s
unique encryption key (which encrypts
and decrypts data on the drive). Since
SafeStore manages the key linkage and
communication, the process is transparent
to the administrator and no modications
to existing operating systems or applica-
tions are necessary. As well, migrating
self-encrypting drives from one device to
another is secure and simple.
Flexible
For maximum utilization of drive invento-
ry, organizations may continue to use their
non-self-encrypting drives for data they
determine does not need to be secured.
Having the exibility to support self-
encrypting drives and non-self-encrypting
drives, SafeStore local key management
addresses the needs of tiered and clas-
sied data with a single storage device.
And when it becomes necessary to secure
data residing on a non-self-encrypting
drive, the data can be simply migrated to a
self-encrypting drive.
While the idea of fully securing data
across a company’s entire range of of-
ces, laptops, networks and data centers
can be overwhelming, Intel RAID control-
lers powered by LSI MegaRAID technol-
ogy with SafeStore encryption services
provide a powerful tool for securing
critical information and protecting against
the ever-present threat to data-at-rest in
the data center. As drives will inevitably
be moved from the data center, SafeStore
encryption services with self-encrypting
drives mitigate the risks associated with
data breaches during this vulnerable time.
SafeStore encryption services and self-
encrypting drives are a critical component
to a successful end-to-end security solu-
tion with minimal cost and complexity.
1
Ponemon institute Study 2008 Annual Study of a Data Breach
3