Full disk encryption (FDE) moves the task of data encryption directly to the hard drive. With no noticeable performance impacts, FDE encrypts data as it is being written and decrypts data as it is being read. Seagate debuted the first FDE drive for laptop computers, the Momentus® 5400 FDE.2 hard drive with Seagate Secure technology, in 2006 and plans to extend FDE functionality in the near future to the Seagate Barracuda® line of desktop drives as well as other products for server and data center users .
FDE is a hardware feature incorporated into the drive to protect data where it is stored or data at rest. Inside the drive is a complete computing system, including a CPU used for data encryption and decryption. Since FDE uses its own CPU, the user does not suffer performance issues as with software encryption.
FDE is transparent to the user and independent of the operating system; users don’t need to turn the encryption feature on and cannot turn it off. FDE is always encrypting and the data is always protected.
The FDE drive interface closely controls access to drive resources. There is no direct memory access and program memory is separate from data storage, minimizing the risk of any backdoor data breach. FDE comes complete with its own memory, a multitasking operating system and an abundance of storage space, all in the hard drive’s closed computing environment.
The value of FDE technology grows with every report of a lost or stolen laptop or sensitive data record. The cost of exposing sensitive business or personal data is devastating. With so many incidents of data loss in recent years, both federal and state governments have taken action to hold companies accountable for protecting the sensitive information they handle. Laws that require disclosure of data breaches and assign liability in some cases reflect widespread concern for maintaining the highest possible protection of data