NVMe and Self-Encrypting Drives – The Perfect Match

NVMe technology had a big presence at the Intel Developer Forum (IDF), held in San Francisco of September this year. There were products and demonstrations from about a dozen leading vendors including Intel and Micron. I also attended quite a few sessions, but the one on NVMe was the only one that was overflowing with people.

Sleep and PBA

Last month I wrote about the necessity of performing Pre-Boot Authentication (PBA) in order to get the full benefit of confidentiality that Full Disk Encryption (FDE) can provide. However, there are some environments where corporate security policy might allow for a less secure configuration as tradeoff for better usability. For example, I have conceded in the past that if a user is within the physical confines of his company, say travelling from one floor to another for a meeting, that sleep / standby (S3) might be an acceptable risk.

Computer Forensics and Self-Encrypting Drives

In my last blog on computer forensics I addressed the question: does software Full Disk Encryption (FDE) Thwart Computer Forensics?   To recap, a software encrypted drive could prevent effective forensics. However, if you have enterprise key management and forensics software that can interface with it to get the media encryption key (MEK) then it doesn’t have to be any more challenging than doing forensics on an unencrypted drive.

Spring 2014 UEFI Plugfest

A colleague and I attended the Spring 2014 UEFI Plugfest in Seattle earlier this month. It was well worth attending as we had the opportunity to test and have one on one conversations with: Microsoft, Intel, the PC OEMs including HP, Lenovo, Dell, and of course the BIOS companies AMI, Insyde, and Phoenix. It was my second year in a row attending, and the third for my colleague, so we are now getting to see how things develop and change over time.

Stopping the Bleeding

Heartbleed has been big news in both the security industry and mainstream media for more than a week now.  Our partners and customers tend to be very security conscious so they have been doing their due diligence. As a result, we have fielded many inquiries asking if Heartbleed impacts WinMagic and SecureDoc. We looked into this and it doesn’t.