Drive encryption adds compliance dilemma
The widespread uptake of self-encrypted drives and growth of virtual machines is delivering new challenges to digital evidence, according to Wave Systems Chief Scientist Robert Thibadeau, PhD.
Speaking at a conference this week in Chicago, Dr Thibadeau addressed new technology that is changing the industry's approach to storing and managing data and electronic records.
"We've seen a significant shift as organizations now store almost all of their data and records electronically; however the advancement of technology has also introduced new challenges for securing and managing that digital information, and it's imperative to proactively address the legal implications introduced by their adoption," he said.
"The major drive vendors have all introduced self-encrypting hard drives, and many organisations are adopting them for the strength and simplicity that hardware encryption provides. Yet to meet regulatory compliance, [US] federal regulations give guidance that those drives be centrally managed in order to prove that data was encrypted at the time a laptop is lost or stolen."
Dr. Thibadeau believes self-encrypting drives are changing the nature of electronic record storage, particularly for those records that reside directly in the hands of employees and customers on individual computers.
Prior to joining Wave, a developer of hardware-based PC security, Thibadeau was Chief Technologist at Seagate Technology, and was a founding director of the Robotics Institute at Carnegie Mellon University.