Shortly after Micron’s SSD organization was created, we began engineering data security features like self-encryption into our products. By 2011, we had our first encrypted product on the market. The C400 SED (self-encrypting drive) was one of the industry’s first solid state storage devices for laptop computing featuring a 256-bit on-board encryption engine – fully encrypting your data, without the performance penalty common in other encryption schemes.
Our next SSD – the M500 – marked our first product where encryption became standard. Its sister product, the Crucial M500, further extended the availability of hardware encryption by making this feature readily available to consumers in the retail computer upgrade market.
When M500 was launched, we expected that it would help SEDs become a cornerstone of data security. Therefore, we were proud to co-sponsor a Ponemon Institute study on SEDs, their deployment, and positive impact on total cost of ownership for secure data storage.
Our decision to make SEDs widely available was easy. We had begun to evaluate data breach information from the Open Security Foundation, which since merged with the Risk Based Security organization. Back in 2010, the Open Security Foundation estimated that as much as 23% of all reported data breaches were because of lost laptops, lost hard drives and other storage devices. This was a startling number, especially since our computing devices were becoming smaller and much more mobile.
The year 2010 was quite early in the era of widespread and notorious data breaches. By this time, Micron and other storage vendors were putting SEDs into wide use. By 2013, even as the wider problem of data breach was growing exponentially, those data losses due to lost storage devices dropped to 8% of the total incidence of data breach. This drop in rate – even as overall data attacks jumped – is no coincidence, as enterprises began adopting encryption of stored data. This good news was tempered by the report’s findings that nearly 2 million records were compromised every time a laptop was lost.
Better news came in 2015: in the most recent breach report, the number of data breaches due to lost data storage had further decreased to under 2% of the total. This remarkable progress for at least one category of data breach shows us the continuing importance user awareness, and the key importance of SEDs.
Our data is under attack from many different directions, and at least data loss due to lost or missing storage is getting under better control.
Micron’s commitment to security continues with the recently released 1100 SSD furthering our well-established path of making encryption widely available for stored data in laptop and desktop computing. The Crucial MX300 broadens this SED availability to the retail market. Micron’s M510DC has brought the same levels of encryption protection to the data center, and the Micron S650DC brings encryption to high performance, enterprise SAS storage, along with the optional added protection of a FIPS 140-2 validated secure device.
Ultimately this means that Micron delivers secure data storage options from the data center to the individual device user. Why bring this up now? October is National Cyber Security Awareness Month and Micron is pleased to be a NCSAM Champion organization. You can learn more about NCSAM here and learn more about Micron’s storage data security here.
About Our Blogger
Jon is a Senior Technical Marketing Engineer for Micron's Storage Business Unit, with a focus on client solid state drives.