Full Disk Encryption, UEFI, Secure Boot and Device Guard

It has been a while since I have written about UEFI, Secure Boot and their impact on Full Disk Encryption (FDE) pre-boot authentication (PBA) so it’s time for an update on what is new in this area, but first here is a recap because this is a bit of an arcane technical subject. UEFI stands for “Unified Extensible Firmware Interface”. The UEFI specification defines a standard model for the interface between personal-computer operating systems and platform firmware.   It provides a standard environment for booting an operating system and running pre-boot applications such as the PBA for FDE.   It replaces the traditional legacy BIOS interface that was used with Windows 7 and older systems.   Now that Windows 10 is being widely adopted I expect to see UEFI used on almost all new machines.

So, why did I join WinMagic?

Just imagine that day one at WinMagic started with the arrival of an innocuous letter from yet another company who had “lost” my personal data. How ironic!

I’ve known about WinMagic for two decades, most of that time I considered them a deadly competitor – in the data protection space, my company, SafeBoot and WinMagic were two of the “big four” leaders – yet despite vying for the same customers WinMagic and SafeBoot had a cordial relationship, in fact I must confess I was always envious of their ability to launch new features way faster than I could, and in exchange, in the early days the WinMagic team were envious of my sales reach.

Think Safety, Stay Secure

Safety is one of the most important aspects today – for people, for organizations, for governments and for countries. There is a lot of talk around the safety of people in general and data, which is critical to businesses.

NVMe and Self-Encrypting Drives – The Perfect Match

NVMe technology had a big presence at the Intel Developer Forum (IDF), held in San Francisco of September this year. There were products and demonstrations from about a dozen leading vendors including Intel and Micron. I also attended quite a few sessions, but the one on NVMe was the only one that was overflowing with people.

Revisiting the TPM

TPMs have been shipping for nearly 8 years now.  WinMagic was an early adopter and supported TPM version 1.1 for full disk encryption before most.  We expanded our support to the more main stream version 1.2 TPMs when they started shipping.  Now more than 100 Million TPMs are out there in laptops and other devices, and soon many, many  Version 2.0 TPMs will join them.  TPM 2.0 and disk encryption will be a good topic for a future blog but today I am going to set the ground work on where we are today.

Managing Security and Compliance

One of the more common IT headaches in medium to large sized organizations is managing mixed environments. It’s not just different operating systems and software applications but also devices of various form factors, be it servers, desktops, laptops, tablets and ultra-portables, smartphones, etc.

Come one, come all

Last week we announced the results of the Ponemon Institute study we commissioned and had co-sponsored by leading industry SED partners. We wanted to take this opportunity to remind readers that next week we’ll be reviewing the data via a webinar we’re hosting on Tuesday, April 30th at 1pm ET.