News & Reviews


Keep up to date with Origin Storage

Tagged: Data Protection RSS

  • Origin Storage 15:15 on 26/07/2012 Permalink | Reply
    Tags: , Data Protection,   

    When employees leave so does your data, research reveals 

    Iron Mountain study shows sensitive customer data to be the main target for half (51%) of employees taking information when they exit

    London, UK – July 16. One in three (32%) employees have taken or forwarded confidential information out of the office on more than one occasion, according to a recent survey[i] commissioned by information management company, Iron Mountain. When people change jobs, highly sensitive information is particularly vulnerable. The study showed that many employees have no qualms about taking highly confidential or sensitive documents with them when they leave – and most believe they’re doing nothing wrong.

    The survey discovered that half (51 per cent) of European office workers who take information from their current employer when they switch jobs – 44 per cent of those in the UK – are helping themselves to confidential customer databases, despite data protection laws and records management policies forbidding them to do so.

    Along with databases, employees who take information are walking out the door armed with presentations [46 per cent], company proposals [21 per cent], strategic plans [18 per cent] and product/service roadmaps [18 per cent] – all of which represent highly sensitive and valuable information, critical to a company’s competitive advantage, brand reputation and customer trust.

    The study found that employees who resign don’t generally take information out of malice; they do so because they feel a sense of ownership or believe it will be useful in their next role. Two thirds said they had taken or would take information they had been involved in creating, and 72 per cent said they believed the information would be helpful in their new job.

    The picture changes, however, when employees lose their job. The study revealed that as many as one in three office workers (31 per cent) would deliberately remove and share confidential information if they were fired.

    “As businesses across Europe rush to tighten up their data protection policies in advance of new EU legislation, it is extremely worrying to see that employees are leaving jobs with highly sensitive information,” said Patrick Keddy, Senior Vice President at Iron Mountain. “Companies concerned about information security tend to focus on building a fortress around their digital data and then forget about the paper and the people.

    “This study provides a fascinating insight into what people feel they have ownership of and why. The findings highlight the need for information management policies to be developed closely with Human Resources as part of a Corporate Information Responsibility programme. Firms of all sizes, across all business sectors, need to ensure that employee-exit procedures are robust and compassionate, and that guidelines recognise that how people feel directly influences their behaviour and actions.”

    The study suggested that a lack of appropriate information management policies or their ineffective implementation could be a powerful factor in information loss. Only around half [57 per cent] of respondents said it was always clear when information was confidential, and a third [34.4 per cent] said they were not aware of any company guidelines regarding what information could or could not be removed from the office.

    The Iron Mountain study surveyed 2000 office workers of all ages and across all business sectors in France, Germany, Spain and the UK.

     

     

  • Origin Storage 12:08 on 24/05/2011 Permalink | Reply
    Tags: , , , , , Data Protection, , , , , , , , , , , , , ,   

    Data Protection 

    Self-encrypting drive solutions based on TCG specifications enable integrated encryption and access control within the protected hardware of the drive. Self-encrypting drives provide the industry’s premier solution for full disk encryption, protecting data when the machines or drives are lost or stolen. TCG’s open standards provide multivendor interoperability.

    Self Encrypting Drive Benefits:
    Better Performance
    • Encryption hardware, integrated into the drive controller, allows the drive to operate at full data rate with no performance degradation
    • Scalable solution – every drive contains encryption engine

    Stronger Security
    • Encryption always on – major compliance requirement
    • Keys for encryption are generated in the drive and never leave the drive
    • User authentication is performed by the drive before it will unlock, independent of the operating system

    Easier to Use
    • Encryption is transparent to both users and software.

    Lower Cost of Ownership
    • No need for complex infrastructure to manage encryption keys
    • Main processor cycles not used for encryption
    • No modifications to OS, applications or tools
    • Crypto-erase provides instant repurposing / decommissioning

    Self-Encrypting Drives in the Marketplace
    • Latest information on product availability and software support – (September 2010) and (August 2010)

    For more information on our Encryption product range, please click here.

     

  • Origin Storage 09:14 on 10/05/2011 Permalink | Reply
    Tags: , , , , Data Protection, , , , , , , , , , , , , , , , , , , , , , , , , Survey   

    41 Percent of IT Professionals Carrying Sensitive Information on Mobile Devices – Unprotected 

    Basingstoke (UK), 10 May 2011: A study by Origin Storage – the secure storage specialist, has revealed that 41 percent of what should be a security savvy audience are carrying sensitive information on mobile devices unprotected. In fact, 19 percent revealed that their organisation had suffered a data breach following the loss of a portable device (i.e. laptop, USB, CD) with 54 percent confessing the device had not been encrypted – an offence under the Data Protection Act and subject to regulatory action by the ICO, were it made aware!

    With 70 percent of organisations making data encryption mandatory, 11 percent of those respondents carrying sensitive information unprotected are actually breaching their organisation’s data protection efforts while the other 30 percent are simply following their organisations woefully inadequate example. When digging a little deeper the study, amongst IT security professionals at this years Infosecurity Europe show, uncovered a staggering 37 percent of respondents who confessed that between 81 and 100 percent of all sensitive data stored on their device(s) was actually left unprotected – so not just one or two documents transferred in a hurry.

    Andy Cordial, Origin’s managing director, explains, “When you consider the level of knowledge this audience is assumed to have, working in IT and having some form of security remit, yet the lax protection used for sensitive data, it’s hardly surprising data breaches are increasing in frequency and especially recently in size. I’m astounded that 30 percent of organisations are still oblivious to the Data Protection Act and the recommendation from the Information Commissioner that encryption be used to protect sensitive information.”

    The problem of sensitive data isn’t restricted to any particular device as 67 percent use laptops, 52 percent USBs, 33 percent still rely on CDs with 52 percent using another form of portable storage device.

    A final startling revelation is that just 36 percent of visitors felt that FIPS certification is ‘a must’ for encryption technology.

    Andy concludes, “The ICO recommends any solution should meet FIPS 140-2 yet 31 percent of our sample flippantly state that it ‘doesn’t matter’. Certification is the only ‘proof’ that the product actually does what the company ‘claim’ it does. It’s not just me saying this because our products have the certification as there have been incidences where products have fundamental design problems, or even companies that have made false claims. My advice – don’t leave security to chance. Lock it down with something that’s actually proven to work or there is a strong possibility you’ll be crying over spilled data.”

    To explore our solutions for Data Security, click here.

     

  • Origin Storage 16:11 on 28/04/2011 Permalink | Reply
    Tags: , ChannelWeb, Chris McIntosh, , Cyber, Cyber Crime, , , , , Data Protection, , , , , OriginStorage, ViaSat UK   

    ICO hits out at data breach figures 

    Watchdog claims data loss figures released under the Freedom of Information Act have been misunderstood

    The Information Commissioner’s Office (ICO) has hit out at encryption vendor ViaSat over claims it has misinterpreted data supplied to the firm via a Freedom of Information (FoI) request

    The data watchdog came under fire last week after it emerged that it has issued a handful of financial penalties totalling £310,000 for Data Protection Act (DPA) breaches, despite acquiring powers to impose fines of up to £500,000 a year ago.

    The figures were obtained via a FoI request by ViaSat who said the ICO’s inaction was harming the deterrent value of the fines.

    The ICO has since released a statement claiming that one of the statistics, relating to the number of data breaches reported between 6 April 2010 and 22 March 2011, supplied to ViaSat, has been misinterpreted. This is a claim the firm staunchly denies.

    According to ViaSat, 2,565 potential data breaches were reported during that period, while the ICO claims the actual figure is far fewer.

    A representative from the ICO explained: “While it is true that the ICO has concluded that in 2,565 cases compliance with the DPA was unlikely, the figure for self-reported security breaches – where information has been disclosed or lost – is far lower.

    “The 2,565 [figure] cover all types of compliance including a company sending unwanted postal marketing, incorrect data being held or an organisation not handling a subject access request appropriately.”

    In total, the ICO said it received 603 self-reported data breaches, 37 of which resulted in action being taken.

    The representative continued: “These [self-reported security breaches] vary from minor administrative errors, where enforcement action would not be appropriate to serious data losses which led to the ICO imposing a monetary penalty.”

    In a statement to ChannelWeb, Chris McIntosh, chief executive of ViaSat UK, defended his firm’s use of the figures, claiming the fault lies in the way the ICO supplied its data.

    “The figure of 2,565 was given to us by the ICO in direct response to an FoI request on the number of data breaches reported since 6 April 2010,” he said. “Our request was clear in that we wanted information on the number of data breaches.

    “Even if you look at the revised figures the ICO has released, it is still clear that monetary penalties have been enforced in less than one per cent of the data losses it has dealt with.”

    Daniel Hamilton, director of public privacy campaigners Big Brother Watch, said the issue is not with the number of breaches reported, but the small number the ICO is clamping down on.

    “For the ICO to only take enforcement action in such a small number of cases, suggests he is little more than a paper tiger,” he said. “The ICO has tough and wide-ranging powers and it is time he used them to maximum effect.”

    This is a view shared by Andy Cordial, managing director of vendor Origin Storage. “We still see a number of high-profile data losses and very little action from the ICO,” he said.

    “The majority of the 603 cases could have be prevented with a small investment and until fines become more widespread, confidential data will continue to be compromised,” he added.

     

  • Origin Storage 12:41 on 15/04/2011 Permalink | Reply
    Tags: , , , Data Protection, , , , , , , , , , , , , , , , , , , , , , , , , , ,   

    Enigma SED Video Podcast 

    For more information on the Enigma SED – click here.

     

  • Origin Storage 10:01 on 16/03/2011 Permalink | Reply
    Tags: C't Magazine, Data Protection, , , ,   

    The Thecus N4200PRO Comes out on Top in C’t 

    The N4200PRO went through c’t Magazine’s rigorous group test with grit and toughness to show its strength. Out of the te NAS tested, the N4200PRO came out with the highest speed recorded at over 106MB/s! C’t was also impressed with the N4200PRO’s many features strengthening data protection and ease of use.

    The Thecus N4200PRO can do it all: “The NAS dominated all major network protocols. This includes a media or web server that is preconfigured on the device.”

    ZFS and snapshot support reinforce data security and ease of access: “As a delicacy, Thecus has support of the ZFS file system installed, so that it has the NAS snapshot command and it can be available as an SMB share on the network.”

    Enter the Thecus-exclusive Dual-DOM design and mini-UPS. Data security is the holy grail of NAS, and Thecus does it best with innovation and style: “Also added for data security, Thecus thought of a few more breakthroughs: The NAS stores its firmware twice in two separate flash modules (“dual-DOM”). It will start up even if one module or a firmware update fails. As for higher data security, a standard lithium-ion battery is supplied, which can be docked by PCI-Express to the NAS. If power is interrupted, it keeps the supply voltage for enough time to allow the NAS to shut down completely.”

    It’s the best deal on the market for the top hardware and more: “For the price of €500, the Qnap for its two-disk NAS empty housing with a powerful Atom processor is extremely steep. For the same money you get the Thecus [N4200PRO] that houses the same expensive hardware equipment including a built-in UPS, with twice as much storage space.”

     

  • Origin Storage 14:43 on 14/02/2011 Permalink | Reply
    Tags: , , , , , Data Protection, , , , , , , , , , , , , , ,   

    Self-encrypting drive sales on the up, claims Seagate 

    But total sales still modest
    Disk maker Seagate claims it is finally making some headway in its attempts to get businesses to start buying its self-encrypting drive (SED) products, with a tripling in sales in the last two quarters.

    The company is now quoting total sales figures of “more than 1 million,” which is not much of advance of a similar figure offered informally in May last year, but Seagate can still point to numbers heading in an upward direction. Laptop shipments have, Seagate said, “doubled in each of the last three years.”

    Factors helping SED shipments in laptops and enterprise sectors will have included that the critical Momentus drive range first launched as far back as 2006 is now being qualified by partners as compliant with the Trusted Computing Group’s Opal specification. This offers a standard way for software to manage the drives compared to the previous proprietary approach.

    Partners include Dell, Lenovo and Panasonic in hardware and Credant, McAfee, Mobile Armor, Secude, Softex, Symantec, Wave Systems and WinMagic in software, which integrate with 24 separate Seagate SED products in the Savvio, Cheetah, and Constellation, and Momentus families.

    As impressive as the growth sounds, the figures are still miniscule when set against the 150 million drives the company might ship in a single quarter, which is where the challenge comes. SEDs are still a long way from being a mainstream sector, even in business despite attempts to push the technology since at least 2008.

    Last September, Seagate announced that its Momentus SED had become the first drive in the laptop encryption drive market to get the important FIPS 140-2 certification that matters so much to public sector organisations.

     

  • Origin Storage 09:35 on 09/02/2011 Permalink | Reply
    Tags: , , , , , Data Protection, , , , , , , , , , , , , , , , ,   

    Origin Storage Launches Enigma FIPS Solution For Laptops 

    Origin Storage, a leading manufacturer and distributor of IT storage solutions, has today announced the launch of Enigma FIPS. The FIPS 140-2 solution is the latest in the Enigma range to provide companies of all sizes with a quick and cost effective way to secure laptops using the highest levels of hardware encryption. The Enigma FIPS will be on show at CES in Las Vegas 6-9 January 2011.

    The Enigma FIPS solution incorporates the Seagate Momentus ® Self-Encrypting Drive which has recently secured FIPS 140-2 certification from the U.S. National Institute of Standards and Technology (NIST). The Momentus drive provides hardware-based encryption without performance degradation.

    With remote working becoming an important part of modern day corporate environments, organisations are more likely to issue laptops over standard desktop PCs. Companies are risking the security of sensitive and confidential information as it leaves the physical confines of the traditional office environment. Origin Storage’s launch of Enigma FIPS can put corporate minds at ease, offering the highest levels of security and a competitive price.

    Andy Cordial, MD of Origin Storage comments, “More than 3,300 laptops are lost or go missing at the eight largest airports in Europe, the Middle East and Africa (EMEA) each week and according to new research, six out of ten of these are never claimed. More worryingly, nearly half of the professionals surveyed keep confidential information on their laptops, and over half take no steps to protect that data (research carried out by Ponemon Institute).

    “FIPS 140-2 certification exemplifies Seagate’s commitment to security standards that enable the widespread adoption of encrypting hard drives for laptops and other computers as the explosive growth of laptop PCs puts more sensitive personal and business information at risk,” said Mark Whitby, Seagate’s vice president of EMEA Sales and Marketing. “Certification gives solutions providers like Origin and end-user customers the peace of mind that Momentus ® Self-Encrypting Drives delivers the full power of government-grade security.

    Enigma FIPS is a compatible upgrade with all PC based SATA notebooks designed specifically for the corporate and SME market. Each Enigma hard drive is supplied with the correct fitting kit, pre-mounted and ready to fit straight into the laptop. Developed by WinMagic, MySecureDoc Express has a Pre-Boot Authentication system that allows the user to authenticate using a password. This removes the need for the drive to rely on the laptop’s BIOS, making it possible to upgrade SATA based systems to an Enigma SED.

    “Seagate’s FIPS 140 compliant drive and WinMagic’s MySecureDoc Express self-encrypting drive (SED) management software combine to provide the complete solution for customers that want to upgrade their existing computing systems with the latest government approved encryption technology to protect their sensitive data.”

    “We continue to work closely with Seagate and other SED manufacturers to provide individuals with security tools that are easy to configure, use, and manage at an affordable price. We recognise that SEDs require software to activate the hard drive pre-boot authentication and provide other value added services. These include self-help password recovery and local administration that combine to allow users to take advantage of the latest certified security technology shipping today.” said Garry McCracken, Vice President of Technology Partnerships, WinMagic Inc.

    The Enigma FIPS solution also includes a data transfer cable and Acronis hard drive cloning software, providing a quick and simple way to move existing data from the laptops non-encrypted hard drive to the fully encrypted Enigma solution. Using a high speed USB2 or eSATA connection a full mirror image clone of the existing drive including the Operating System, Applications and all user data is made which limits the downtime required to upgrade the ,mobile worker’s laptop.

    Key Features
    • FIPS 140-2 validated (Level 2)
    • Supports Windows 7 (32 and 64 bit)
    • No BIOS Limitations
    • Password Pre-Boot Authentication
    • 100% Compatible Matched Solution
    • Fits PC Based SATA Laptops
    • Tamper evident coatings
    • Transfer Existing Data With Ease
    • No Speed Degradation
    • Capacities Up To 500GB and Rising

    Benefits
    • Government security standard achieved
    • Always On Entire Disk Encryption Protects All Data On The Drive
    • On The Fly Hardware Encryption Means No Additional System Resource Usage
    • Local administrative role manageability
    • Self-help password recovery options
    • Activation of drive into encrypted state is instantaneous versus the unavoidable “conversion” time needed with standard hard drives
    • Data encryption key does not leave the drive, hence helps prevent cooled-RAM attack and simplifies key management
    • Read Only PBA ( Pre-Boot Authentication) area supports password authentication using drive’s secure partition
    • Crypto erase enables instant secure disposal and repurposing of self encrypting-drive, rendering all existing data unintelligible, and returning it to manufactured state
    • Complete Matched Solution Makes Fitting Quick And Provides 100% Compatibility
    • Included Transfer Kit Clones Existing data Via USB2 or eSATA To Minimise Downtime

     

  • Origin Storage 10:26 on 14/10/2010 Permalink | Reply
    Tags: , , , , , , Data Protection, , , , , , , , , , , , , , ,   

    Enigma: The single solution to protect the data on your notebook 

    It is clear that attitudes are changing. It is now very common to work out of a home Office to save time during travel or even simply because today’s professionals have not necessarily got a physical office. As more people have made their laptop their virtual office containing all data critical and essential to their professional activities, the loss or theft of the computer has become a very stressful issue and can lead to serious consequences for companies if data falls into the wrong hands.

    Origin Storage, not satisfied to offer just the external encrypted hard drives, known as the Data Locker, have gone one step further by offering secure internal hard drive solutions for your notebook.

    Encryption to secure all of your data
    The proposed solution is to change the laptop hard drive and replace it with an Enigma SED (self encrypting drive). Thus the new data saved on your laptop will be encrypted (256-bit AES) on-the-fly and no loss of speed is noticeable, on read or write, thanks to a system of hardware encryption and not software, as seen by some manufacturers.

    Ease of deployment and installation
    Enigma disks are delivered with a mounting kit designed to perfectly fit the brand and model of laptop. A cable and cloning software are included with all Enigma drives for facilitating the transfer of your data on your current hard disk to the Enigma solution, which guarantees a maximum level of security for all the stored data. Acronis Cloning software makes a copy of your data and operating system to the new Enigma SED, taking around an hour for 120Gb’s, therefore providing minimum downtime to encrypt your data.

    Once the Enigma SED is installed, Winmagic will ask you to enter an administrator password for each start-up of the notebook; this is what is called PBA (pre boot authentication). If the password entered is correct, then the PC launches the BIOS initialisation phase and then launches the OS.

    Our Enigma drives are already available for many brands of laptops with capacities of 250GB at the price of £232.00 and 500GB at the price of £259.00. Unlike competitors, it is important to note that the Enigma solution requires no annual license or update fees of any kind. The selling price includes the use of the licenses for different software provided throughout the life of your laptop.

    To find the appropriate solution, you can visit the Enigma website (http://www.enigmased.com).

    Enigma disks should be destined for every notebook owner wishing to see data protected under any circumstance (governmental agencies, financial services, healthcare, insurance, military, and many others…). Now, companies with a large park of laptops equipped with traditional hard drives will be forced to change them for a secure solution in order to protect data and ensure compliancy as defined by the ICO.

    The Enigma solution is simple to implement and provides a level of security for all embedded data. If you lose your computer or it is stolen, do not panic. Your data is protected to the highest level of encryption available in the commercial world.

     

  • Origin Storage 10:56 on 14/09/2010 Permalink | Reply
    Tags: , , , , , Data Protection, , , , , , , , , , , , , , , ,   

    Seagate’s encrypted hard drive gets security boost 

    Seagate’s Momentus Self-Encrypting Drive (SED) has become the first encrypted laptop hard drive to get the critical FIPS 140-2 certification that the company hopes will finally help boost its sales to US and Canadian government organisations.

    Normally, FIPS 140-2 is just another important check box for security products that want a slice of the government market, but right now the stakes seem higher for the Momentus.

    As the company itself admits, sales of self-encrypting laptop hard drives have been modest at around 1 million units since the drive’s release in 2006. That sounds like a lot of drives, but the equivalent of barely quarter of a million drives per year is a miniscule number when set against sales of non-encrypted hard drives, which number hundreds of millions in a year.

    “The low-hanging fruit will be the military,” said Seagate’s Momentus SED product marketing manager, Joni Clark. Having NIST-approved certification was essential for procurement in this space, she said.

    Achieving FIPS 140-2 after a three-year process would also help the SED in business markets as well as with foreign governments and public sector organisations, fired by an increased interest in self-encrypting drives for insecure devices such as laptops.

    “There is work to do in the sector but adoption is coming,” she said.

    Seagate has been pushing hard with self-encrypting hard drives, forging a partnership with Dell in 2009 to help shift self-encrypting hard drives for more mainstream use, including by business laptop users.

    NIST FIPS 140-2 won’t be enough on its own; the company also needs other drive vendors to embrace the self-encryption technology.

    Despite being a hard drive with onboard encryption, one complication that might have helped slow take-up by rival vendors is the need to integrate third-party management systems with the drive firmware. Seagate’s environment for doing this is called DriveTrust.

    Things have improved on the front since the drive’s 2006 launch – there are now several competing management systems to choose from – but the real boost will come when other hardware vendors offer a separate path for buying drives themselves.

    “When you are a sole source some see this as a weakness,” admitted Clark.

     

← Older posts

c
compose new post
j
next post/next comment
k
previous post/previous comment
r
reply
e
edit
o
show/hide comments
t
go to top
l
go to login
h
show/hide help
esc
cancel