Cloud-based management for self-encrypting drives

Wave Systems launched Wave Cloud, a cloud-based service for enterprise-wide management of self-encrypting drives (SEDs). The subscription-based service introduces a game-changing platform for enterprises that wish to rapidly deploy centrally-managed hardware-based data encryption on laptops.

Subscriptions start at $37 per drive per year with a one-year agreement.

SEDs provide one of the best defenses against data breach. Based on the Opal specification published by the Trusted Computing Group, the drives are available from leading storage vendors at little to no incremental cost from a wide range of PC suppliers, including Dell, HP, Lenovo and others. Solid-state versions of SEDs are also available.

Advantages over software encryption include better performance (because encryption happens on a chip, it doesn’t compete for processing cycles); faster deployment (unlike software, SEDs don’t require an initial encryption cycle); and enhanced security (encryption cannot be turned off or otherwise compromised by the end user).

“Organizations are looking for ways to leverage cloud offerings to reduce the complexity and costs of deploying endpoint encryption,” said Eric Ouellet, VP Secure Business Enablement at Gartner. “While the endpoint encryption market is relatively mature, deployment challenges remain. Offerings that can provide standardized, simple-to-use frameworks for typically cumbersome tasks could help accelerate growth in this segment.”

Wave Cloud advantages include:

Rapid deployment. Available and deployable via the internet, Wave Cloud’s simple, point-and-click interface enables most deployments to complete in less than three days.

Capital-efficient. Wave Cloud requires no on-site servers, and subscription fees scale to match the scope of endpoint protection that customers deploy. Pay only for what you use.

Better performance. Because encryption happens on a chip within the SED’s drive, it doesn’t compete for processing cycles with the laptop’s CPU or slow down running applications.

Enhanced security. An SED’s encryption is always on and cannot be turned off or otherwise compromised by the end user. SEDs are also impervious to cold-boot or side channel attacks.