[Discuss] NAS: encryption
Richard Pieri
richard.pieri at gmail.com
Wed Jul 8 10:49:40 EDT 2015
On 7/8/2015 10:23 AM, markw at mohawksoft.com wrote:
> The problem with internal drive encryption is getting any level of
> disclosure and accountability.
This is simply not true.
FIPS security profiles are public record. Here's the security profile
for the cryptographic module used in several of Seagate's enterprise SEDs:
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1299.pdf
The process of obtaining the certificate is accountability in and of
itself. The device or software is tested by an accredited test lab to
ensure that it works as described in the security profile. If anything
fails to work as documented then the device or software is sent back to
the vendor to correct the fault or update the security profile.
--
Rich P.
More information about the Discuss
mailing list