In the era of life-critical data and at a time when cyber-vulnerabilities grow, enterprises need not only trusted performance from their drives, but also ironclad security.
Today, we’re proud to announce Seagate Secure™, a stringent collection of security features rolled out across Seagate’s Enterprise Datasphere Fleet, including all our Exos™ hard drives and selected Nytro® solid-state drives — among the fastest and highest capacity enterprise drives available today.
In today’s business environment, data creates value — so it’s more important than ever to protect it as a vital business asset. Data managers need sustainable, long-term security solutions that minimize risk with the least impact on productivity.
But greater value means greater threats, and software-based security measures are no longer sufficient to ensure that your data stays under your control. In fact, software-only solutions intensify the pressure on the data storage lifecycle, making end-to-end security both more important and more difficult. That’s why security analysts recommend a broad range of solutions including hardware-based encryption.
Seagate Secure ensures every drive complies with the top industry standards for security, with two feature sets — Essential and Certified — to meet different application requirements. The Essential feature set delivers protection that suits most needs; the Certified feature set meets requirements for government or enterprise customers running highly secure, data sensitive services and applications.
Seagate Secure Storage Device Features
The pursuit of advancing drive security for our customers is a top priority at Seagate, which is why all drives with Seagate Secure feature instant secure erase, self-encryption technology and tamper-resistant protection, guarding your most valuable data at rest:
Essential — these features are part of every Seagate Secure device
Self-Encrypting Drive: Every device uses hardware-based encryption to protect against most attacks.
- Secure data locking using AES 256 standards with hardware root key and device root of trust
- Drive locks on power-down
- Industry-standard authentication key management interfaces
SD&D (Secure Download & Diagnostics): Your firmware is protected from attackers throughout its working life.
- Digitally signed firmware with rogue firmware detection
- Locked diagnostic ports
- Cross-segment downloads blocked
- Secure boot process
Instant Secure Erase: Administrators can instantly change the encryption key on any device, rendering its data unusable and making retirement or reuse much easier.
- Fast, secure, and complete data erasure in seconds
- Internationally sanctioned erasure according to NIST 800-88 and ISO 27040
Secure Supply Chain: Each of our components is sourced securely from trusted sources.
- Seagate complies with the Open Trusted Technology Provider Standard (O-TTPS)
- Third-party processes meet Seagate’s security standards
- Uphold industry-leading firmware attestation to ensure customers receive authentic products, components, and firmware
Certified — these features may be added to meet regulatory or other requirements
FIPS 140-2 Level 2 certified configuration
- Federal government encryption standard for sensitive, but not classified, data
- Federal agencies and contractors must use FIPS level 2 or better
- Tamper-evident labels
Common Criteria Evaluated
- International standard for date security certification
- Neutral third-party evaluation to certify secure IT products
- Adopted and recognized by 25 member nations
Trade Agreement Act (TAA) Compliant Storage
- Client, Enterprise, and SSD product compliance
- Meets origin requirements for US Government purchasing contracts
- Adopted and recognized by 126 member nations
Secure for the entire lifecycle of your drive
Seagate Secure isn’t only a set of crucial features that resides on each drive. It’s also a commitment to managing security through the entire lifecycle of our full fleet of enterprise datasphere drives, from research and development through design, component sourcing, manufacture, deployment and retirement.
Data security starts long before you purchase your storage device — and persists indefinitely after you stop using it. All Seagate Secure devices are protected from attackers at every stage of the lifecycle, from the conceptual phase of design to their final retirement or reuse. You can rest assured that attackers haven’t accessed your device at any stage before you deploy it, and that your data is inaccessible after you retire your device.
Data Security Lifecycle
To ensure authentic protection, Seagate Secure means our enterprise drives are protected from the moment they’re built, with secure supply chain management, as well as secured diagnostics and firmware. True data security begins before storage devices are put into use. Seagate focuses on maintaining holistic security solutions throughout the product lifecycle.
- DESIGN: We ensure that our hardware design process is closed to all but our own vetted workforce.
- COMPONENT SOURCING: Every component of every device is sourced from trusted vendors.
- MANUFACTURE: Each component is assembled in a secured facility.
- DELIVERY: We engage only trusted vendors to deliver all Seagate Secure devices.
- DEPLOYMENT: It’s simple and straightforward to roll out our storage devices, minimizing the risk of security-related errors.
- IN-USE: Our SEDs make sure that your users — and only your users — can access your data.
- RETIREMENT: Our Instant Secure Erase feature lets you eradicate all data in seconds for quick, painless device retirement.
When putting your Seagate enterprise drives to use, you can feel assured that the data most important to you is safe.
Channel customers and partners like system architects, integrators and cloud builders will benefit greatly from Seagate Secure. Time and energy previously spent monitoring for and diagnosing security concerns can be saved, and exchanged, for more pressing, immediate data center needs.
Check out the latest in Seagate’s enterprise family of drives here.
*Seagate Secure models not available in all countries. May require TCG-compliant host or controller support.