Endpoint security firm GuardianEdge announced yesterday that it will evolve with the full disk encryption market by releasing a new encryption management product meant to work seamlessly with the Trusted Computing Group’s (TCG) hardware-based disk encryption specification, Opal.
Released earlier this year by TCG, Opal was designed to offer the industry a standard for self-encrypting drives, which many in the security and storage space will help organizations comply with regulations such as PCI and HIPAA to protect data across its lifecycle. Several drive manufacturers, including Fujitsu and Hitatchi, have already unleashed Opal drives to the channel, with a torrent of even more drives due for release in 2010.
"Really, what we’ve seen evolve here has been over the last year or more, increased awareness in the market about the need for data protection," says Ram Krishnan, senior vice president of products and marketing for GuardianEdge. "What’s interesting is that even though we see more and more organizations become aware that they have to protect their data only about 30 percent of these enterprises have actually begun any kind of project around encryption or data protection and so forth. So it’s still kind of ample opportunity in that portion of the market."
Krishnan says that GuardianEdge has been working around the paradigm that the market will likely shift to Opal-compliant drives, but not via a rip-and-replace model. Instead, it will slowly be instituted throughout organization’ s PC refresh cycle. As that happens gradually, GuardianEdge hopes to offer organizations top-to-bottom encryption management support no matter what percentage of their endpoint infrastructure contains Opal self-encrypting drives.
"In essence, what we’re doing is providing a capability to initialize and manage these drives as they come into the environment," says Joe Hoban, vice president of worldwide channel sales for GuardianEdge. "One of the real strengths of what we’re doing here is enabling the organization to manage encryption on the endpoint either through software or through a self encrypting drive in a consistent way from all perspectives. If it has one of these drives we’ll initialize it and leverage it, if it does not, then we’ll install our software-based encryption engine on that machine."
Even in a theoretical endpoint envrionment consisisting solely of Opal drives, Hoban and Krishnan say that self-encrypting drives have their limitations.
"What’s notable is these drives provide this built in encryption in the hardware, but they really do not provide any form of ability to do, for example, centralized rollout or deployment of a protection solution across an organization, no centralized key management or key recovery, no centralized policy capability of any sort, and no ability to have any reporting or auditing," Krishnan explains. "So the things that you typically need in an organization to be able to have a solution around data protection are not being provided."
He believes GuardianEdge can help organizations round out their endpoint protection scheme with more complete management capabilities.
The drive management capabilities for Opal announced today will go through beta testing this month and be released to the channel in early 2010.