I attended the TCG (Trusted Computing Group) annual members meeting last week in beautiful Vancouver and thought I would share a couple of observations.
First of all, a little background – The TCG is an organization whose mandate is to set security standards for commercial use. The scope ranges from small mobile devices to large disk drives used in the enterprise. Key participants (about 100 in person this year) include the PC OEMs (e.g. Lenovo, HP, Dell), OSVs (e.g. Microsoft), component manufacturers (e.g. disk drives, TPMs…), governments and ISVs. That’s where WinMagic comes in. We are an Independent Software Vendor and a member of the Storage Work Group (SWG). The SWG is responsible for the “Opal” specification for self-encrypting hard drives (SEDs), as well as the specification for the larger “enterprise” drives.
Now for the observations:
NIST attended and gave an update on SP800-88, DRAFT Guidelines for Media Sanitization. Until the most recent draft, crypto-erase was not considered a good method for sanitization. In fact, back in 2006, SP800-88 stated, “Encryption is not a generally accepted means of sanitization.”
In the most recent draft, however, “Cryptographic Erase through the Trusted Computing Group (TCG) Opal Security Subsystem Class (SSC)” is an option. Nonetheless, a crypto-erase can only be as good as the underlying encryption and key management.
I expect that this NIST work will be leveraged and eventually become an ISO standard, but that is a couple of years away. Meanwhile, have a read of the latest NIST draft and submit public comments to 800-88r1Comments@nist.gov. The comment period closes on November 30, 2012. It would also be good to have this conversation with your encryption provider to ensure they have all the right things in place to meet your data sanitization needs.
And of course, the upcoming Windows 8 launch was at the top of a lot of people’s minds at the TCG. With many organizations having just gotten around to migrating from XP to Win 7, I don’t expect a rush to adopt Win 8. That said, Win 8 has some good security features when combined with a native UEFI boot. (Laptops have had UEFI boot proms for a while now, but almost all were set to a BIOS compatibility mode.)
With Win 8, the idea is to boot up in native UEFI mode and take advantage of a UEFI feature called Secure Boot. When Secure Boot is turned on, the prom checks the signature of the pre-boot code before executing it. The UEFI prom also ‘measures’ the UEFI code it executes and records the result in the TPM so that the software that follows can make decisions based on what came before it. (The TPM, Trusted Platform Module, is probably the most famous TCG technology.)
Security features like these will help thwart attacks on the system before the OS and traditional anti-malware are loaded. All this is of particular relevance to WinMagic and our FDE customers because our Boot Logon code runs and authenticates users before the OS is loaded.
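The measuring step in the Secure Boot paragraph above, as an added sketch that is not WinMagic's or any firmware vendor's code: it models the TPM's extend operation and shows how later software can check what ran before it. The SHA-256 register size, the component names and their contents are assumptions constructed for illustration.

```python
import hashlib

# Constructed stand-ins for pre-boot images; names and contents are hypothetical.
GOOD_CHAIN = [("uefi_driver", b"driver v1"),
              ("boot_manager", b"bootmgr v1"),
              ("preboot_auth", b"logon v1")]

def digest(blob: bytes) -> bytes:
    return hashlib.sha256(blob).digest()

def extend(pcr: bytes, measurement: bytes) -> bytes:
    # A PCR is never written directly: new = H(old || measurement),
    # so the final value depends on every measurement and on their order.
    return hashlib.sha256(pcr + measurement).digest()

def boot(chain):
    """Firmware side: measure each image before running it.
    Returns (final PCR value, event log of (name, digest))."""
    pcr, log = bytes(32), []          # register starts as all zeros
    for name, blob in chain:
        m = digest(blob)
        pcr = extend(pcr, m)
        log.append((name, m))
    return pcr, log

def replay(log) -> bytes:
    """Recompute the PCR that a given event log would have produced."""
    pcr = bytes(32)
    for _, m in log:
        pcr = extend(pcr, m)
    return pcr

def verify(pcr: bytes, log, known_good) -> str:
    """Later-stage check: the log must reproduce the PCR, and every
    logged digest must match the known-good value for that component."""
    if replay(log) != pcr:
        return "log does not match PCR"
    for name, m in log:
        if known_good.get(name) != m:
            return f"unexpected measurement: {name}"
    return "ok"

# Reference digests a verifier would hold for the expected boot chain.
KNOWN_GOOD = {name: digest(blob) for name, blob in GOOD_CHAIN}
```

A changed image produces a different final register value, and a log that hides the change no longer replays to the value the TPM holds.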