RSA Security Conference 2017 and the Cloud

Last week, I once again had the pleasure and privilege of attending the RSA Conference in San Francisco. I heard estimates of a record-breaking 40,000 attendees. It didn’t seem much busier than previous years but, as another participant pointed out to me, that might be because it was better organized this year, with pre-registration for the sessions. This year I focused my sessions on the Cloud.

Opal, Opalite & Pyrite Self-Encrypting Drives (SED) Specifications Simplified

This year (2015) the Trusted Computing Group (TCG) Storage Work Group (SWG) published two new specifications, Opalite and Pyrite, derived from the Opal SED specification. You may already be familiar with the benefits of using an Opal SED vs. software encryption in your laptops and desktops, but are puzzled as to why there are 2 new standards. Perhaps you even wonder if they would be a better fit for your needs than Opal.

PCI DSS 3.0 and Encryption

Version 3.0 of PCI DSS (Payment Card Industry Data Security Standard) was released in November 2013 and, now that version 2.0 became inactive at the end of last year, all organizations should have made the transition to version 3.0.

NVMe and Self-Encrypting Drives – The Perfect Match

NVMe technology had a big presence at the Intel Developer Forum (IDF), held in San Francisco in September this year. There were products and demonstrations from about a dozen leading vendors including Intel and Micron. I also attended quite a few sessions, but the one on NVMe was the only one that was overflowing with people.

Sleep and PBA

Last month I wrote about the necessity of performing Pre-Boot Authentication (PBA) in order to get the full benefit of confidentiality that Full Disk Encryption (FDE) can provide. However, there are some environments where corporate security policy might allow for a less secure configuration as a tradeoff for better usability. For example, I have conceded in the past that if a user is within the physical confines of his company, say travelling from one floor to another for a meeting, that sleep / standby (S3) might be an acceptable risk.

Computer Forensics and Self-Encrypting Drives

In my last blog on computer forensics I addressed the question: Does Software Full Disk Encryption (FDE) Thwart Computer Forensics? To recap, a software encrypted drive could prevent effective forensics. However, if you have enterprise key management and forensics software that can interface with it to get the media encryption key (MEK), then it doesn’t have to be any more challenging than doing forensics on an unencrypted drive.