I recently posted my 2014 Enterprise SSD Year in Review where the broader adoption of the NVMe specification and the resultant availability of NVMe-based enterprise SSDs was my winner for most significant change. In this post, I want to start the new year off with a sneak peek for 2015—we may have a winner for the #1 spot already!
Is Data Security on Your Mind for 2015? Should it Be?
Data breaches, theft, leaks, loss, and hacks—these are all scary from a personal/identity perspective, and they seem to be occurring with greater frequency. But what about data breaches, theft, leaks, loss, and hacks on a larger scale— in your business? Should you be concerned? I think, yes. Wouldn’t you agree after the recent hacking and leaking of the Sony emails? The question is, where should you look for solutions if your business runs on a Windows server environment? Is there a reference that can help you select storage devices that are fully validated for your environment and designed to help secure business data? Short answer: Yes, there is—and it’s available now.
First, a bit of background…
An Alphabet Soup of Regulations
There is a litany of regulations governing data security, storage, theft, loss, alteration, and a host of other concerns. Here are just a few I found on a cursory search:
- SEC 17a
Many of these are specifically aimed at highly regulated businesses, but even if your business isn’t highly regulated and isn’t subject to any/all of the above, security should still be in the forefront—if for no other reason than to help ensure that your business remains your business, and only yours.
What Can You Do Today to Bolster Your Company’s Security Position?
Micron’s M500 and M550 SSDs are self-encrypting drives (SED) that have built-in hardware encryption, adding another level of security to protect sensitive information from unauthorized access while reducing the risk of financial, reputational, and legal consequences of data breaches.
A Perfect Fit for the Windows Server Environment
If your infrastructure runs on Windows Server 2012 or Windows Server 2012 R2, the news couldn’t be better. You can deploy certified M500 and M550 SEDs with either operating system right now. Furthermore, as of January 2015, Micron is the only SSD vendor with Windows-certified SEDs listed in the Windows Server Catalog.
When a product is listed in the Windows Server Catalog (with the associated logo), it means that the certified device:
- Has been tested by Microsoft
- Meets Microsoft’s highest technical standards for security, reliability, and manageability
- Can support the roles, features, and interfaces for cloud and enterprise workloads as well as business-critical applications
More simply, the device works and does what it is supposed to do.
What Can Certified Encrypted Storage Devices Buy You as a Business Owner?
Multiple federal, state, and territorial data privacy laws in the US, EU, and several other geographies, contain safe harbor clauses for encrypted devices. Safe harbor provisions can exempt or limit owners of confidential data from penalties and disclosure of unauthorized access (data breaches, theft, leaks, loss, hacks, etc.) if the data is encrypted. Specific implementations of encryption satisfy the safe harbor standards, and if security is on your mind, you should check them out.
Will the Extra Security in Micron SSDs Compromise Application Performance?
The short answer is ”no” because the encryption is hardware-based. But isn’t software encryption good enough? In many cases it may be, but hardware encryption has distinct advantages:
- Compared to software encryption, hardware encryption does not degrade drive performance and is seamless to the platform and application
- Erasure is very fast and thorough
- Drive-level security simplifies management enterprise systems
- SSDs’ superior speed during initial setup, upgrades, and end-of-lifecycle disposal ensure you get both enhanced system performance as well as easy, secure lifecycle management
What are your thoughts about SEDs in your enterprise? How concerned are you about security, or the lack thereof? Please share your thoughts in the comments below.