SANS Seagate Luncheon

This is the third in my series of posts recording my notes from the SANS SecureStorage and Encryption Summit in McLean, VA. Hopefully is semi-literate.
Seagate is finally coming to the general market with their Momentus 5400 FED.2 hard drive. This hard drive is designed to perform total data encryption on the hard drive itself. The drive is expected to OEM in January and ship in March or April with most major laptop brands. Around that time you should be able to purchase just the drive as well.
The drive is password protected. There is a master password which allows you to wipe, configure and set the user password. The user password is read/write to the disk only. There is separate software to provide enterprise management of the master password. The user password can by harmonized with Active Directory to allow for single sign on. You can also authenticate to the drives with Certificates and the TPM.
The drives are manufactured in China which raised some eyebrows.
In a survey of why businesses don’t encrypt, 69% cited performance; 44% cited complexity/ not user friendly; 25% cited cost. Seagate feels that their product addresses those concerns.
They report that they use AES-128. I forgot to ask why not AES 256. I did ask why its only a 5400 RPM hard drive right now. I was thinking the encryption was slowing things so much that a faster hard drive wasn’t worth it. They report that 5400 is the most commonly ordered hard drive so it made sense for them to put the disk encryption at that level first.