Toshiba Corporation (TOKYO:6502) today announced that the MQ01ABUxxxBW series, a mobile-grade thin 7mm hard disk drive (HDD) with self-encrypting technology, including Toshiba’s unique wipe technology, which automatically erases data when an HDD is accessed by an unregistered system, has achieved validation to U.S. Federal Information Processing Standard 140-2 (FIPS 140-2). This is the first Toshiba self-encrypting drive (SED) validated to the FIPS 140-2 standard. Toshiba’s SED models are designed to the Trusted Computing Group’s (TCG) industry-standard “Opal” Security Sub-Classification. This globally accepted standard, implements protocols created to help IT managers, security management application providers and client security professionals to better manage data security and to help prevent potentially damaging and costly breaches to sensitive information. The FIPS-validated model also provides tamper-evident labeling for additional security, with a resulting validation to Level 2 of the FIPS 140-2 standard.
The 7mm mobile thin SED series underwent rigorous cryptographic module validation testing by a U.S. National Institute of Standards and Technology (NIST)-certified testing laboratory in order to be validated by the U.S. Federal Information Processing standard. As a result of this validation, this Toshiba HDD series is now available for use in highly regulated and security-sensitive storage applications, such as government systems. The combination of support for ATA (Advanced Technology Attachment) Enhanced Secure Cryptographic Erase function, the TCG-Opal SSC (Security Subsystem Class) protocols, the Toshiba wipe technology extensions of the Opal protocols, and the FIPS 140-2 module level validation makes the MQ01ABUxxxBW series suitable for encrypting confidential data stored on client-grade mobile and desktop computers protected by security management applications.
Unlike software-based encryption products, SEDs perform encryption securely within the drive’s hardware at full interface speeds. This helps to improve system performance, and reduce support burden and integration concerns versus software encryption which performs encryption as a background software task that can negatively impact user productivity. In addition, SED use can eliminate the need for a “re-encryption” cycle during initial client configuration and the drive’s embedded SED encryption cannot be disabled, thus decreasing the risk that security practices required by policy for legal compliance might be put at risk by end-user actions.
Some makers of printers, copiers and other OEM commercial systems apply the added security enabled by Toshiba’s unique wipe technology. Wipe technology helps make it so that self-encrypting drives in such systems can be easily and securely cryptographically erased to protect against data breaches when systems are retired from service, re-deployed or returned to a 3rd party service provider.
Toshiba’s MQ01ABUxxxBW series is currently shipping. For more information on this model’s FIPS 140-2 validation, please reference certificate number 2082 and visit the US NIST CMVP website at: