SANS Lunch and Learn with Stonewood Flagstone

These are my notes from a lunch and learn presentation with Stonewood about their hardware-based encryption product.
They have a mobile USB hard drive. This can be used as a normal Flagstone drive if you boot to it; otherwise you need to load software to access the encrypted data.
Flagstone buys micro hard drives from Toshiba or Hitachi and repackages them in typical laptop form-factor. The drives are 4200 rpm which I find a bit too slow, but they say that’s all they can get from the manufacturer.
When you boot the computer, you are prompted to enter a password. If you enter the correct password, the keys are live and you are able to access the hard drive. If the power goes out it will fail closed. This makes me wonder if Seagate could say the same about their drive.
The drives use a tamper evident casing. The chip that contains the keys is embedded in gel so it is difficult to physically access it without destroying the chip.
FIPS 140-2 is currently pending.
It’s a lifetime key, so no rekeying like with software (SW).
The main problem I would have is that it doesn’t have single sign-on or a password harmonization feature such as those found in the Seagate product. The password to access the hard drive is not managed and enforced by I.T. It sounds like this will be addressed in 2007.
Today you are screwed with Wake-on-LAN. Some I.T. shops use WoL to boot machines and patch them during the night. That is not possible with this technology today. Not sure how you’d even do that with software full disk encryption.
Their disks are available today and have been out for years. They are in use in the British, U.S. and Canadian military. This is interesting technology and may be the wave of the future. But still you’re left asking: what about email, what about the phones and the PDAs? Should you buy an all-in-one solution, or will that leave you disappointed?
Lastly, the price quoted sounded kind of high. I believe Seagate was rather reasonable and comparable to normal prices.
No annual fees, maintenance or upgrades.