Protect Your Data

Understand encryption and security types to make sure your important data is safe.

Critical Areas of Data Protection

Three key areas of data protection are outlined below.

Encryption

Ensure data on the drive is securely encrypted

We offer drives with and without hardware-based encryption. Drives with encryption use AES-256 to encrypt user data at rest.

Access Control

Configure the drive to only allow access to authenticated users

We offer drives with industry-standard access control methods, including ATA Security Feature Set and various TCG SSCs (subsystem classes).

Data Sanitization

Securely erase the data when decommissioning the drive

All drives offer sanitize features that when operated correctly are consistent with the “Purge” function described by the NIST SP 800-88 guidelines for media sanitization.

Compare Security Types

Learn about the four main security types we offer, and discover which may be best for you.

Security Type User Data Encrypted At Rest Data Access Control Preferred NIST Purge- Compliant Erase External Certification of Security Protocol
Secure Erase (SE) ⓘ
Shop Now
ATA Security (SATA only) Sanitize Overwrite (HDD)
Sanitize Block Erase (SSD)
Instant Secure Erase (ISE) ⓘ
Shop Now
ATA Security (SATA only) All of the above, plus Crypto Erase
Trusted Computing Group (TCG) ⓘ
Shop Now
TCG-SSC All of the above, plus Revert
TCG-FIPS ⓘ
Shop Now
TCG-SSC All of the above ✔ FIPS 140-2 Certification by NIST-approved labs1

Secure Erase (SE)

SE drives are offered without user-data encryption, and access control can be provided on SATA drives only. Drive sanitization is performed using standard ATA Security Erase, SCSI Sanitize, or NVMe™ Sanitize commands, and incorporate the Overwrite (HDD) or Block Erase (SSD) methods.

Instant Secure Erase (ISE)

ISE drives support all sanitization methods as SE drives. In addition, ISE drives have data encrypted at rest, and access control can be provided on SATA drives only. During the sanitization step, drives can be sanitized using ATA, SCSI, or NVMe standard commands but with an instant cryptographic erasure rather than requiring that the drives be overwritten or go through a block erase process.

Trusted Computing Group (TCG)

TCG drives have data encrypted at rest. Access control is handled through TCG-SSC protocols, being TCG Enterprise, TCG Opal, or TCG Ruby depending on the drive model. TCG drives support all sanitization methods as ISE drives. Additionally, TCG drives support the Revert command, which not only sanitizes the drive but returns its TCG state to the factory default.

TCG-FIPS

TCG-FIPS drives are identical to TCG, but are additionally validated by a NIST-approved laboratory to meet the Federal Information Processing Standard (FIPS). Drives with TCG-FIPS security may also use tamper-evident features to comply with Level 2 security requirements.

Have a question about data security?

Disclosures

1. FIPS 140-3 in progress on certain products.
References to certain features or services do not imply that they will be made available in all countries or an all products.

Compare