The ThinkSystem PM1733 Entry NVMe PCIe solid-state drives (SSDs) are high-performance self-encrypting drives (SEDs) that adhere to the Trusted Computing Group Opal Security Subsystem Class cryptographic standard (TCG Opal SSC).
- Direct PCIe 4.0 x4 connection for each NVMe drive, resulting in up to 7 GBps overall throughput
- Compliant with Trusted Computing Group Opal 2.0 Security Subsystem Class cryptographic standard (TCG Opal 2.0 SSC)
- Low cost, read-intensive SSD from Samsung using TLC flash technology
- Advanced ECC Engine and End-to-End Data Protection
- Samsung's SSD virtualization technology allows a single SSD to be subdivided into smaller SSDs, up to 64, providing independent virtual workspaces
- V-NAND Machine Learning enables the SSD to accurately predict and verify cell characteristics, as well as detect any variations in circuit patterns
- Fail-In-Place technology ensures the SSD operates normally even when errors occur at the chip level
- Protect data integrity from unexpected power loss with Samsung's advanced power-loss protection architecture
- Supports Self-Monitoring, Analysis and Reporting Technology (S.M.A.R.T)
Automatic encryption
It is vital that a company keep its data secure. With the threat of data loss due to physical theft or improper inventory practices, it is important that the data be encrypted. However, challenges with performance, scalability, and complexity have led IT departments to push back against security policies that require the use of encryption. In addition, encryption has been viewed as risky by those unfamiliar with key management, a process for ensuring a company can always decrypt its own data. Self-encrypting drives comprehensively resolve these issues, making encryption both easy and affordable.
Drive retirement and disposal
When hard drives are retired and moved outside the physically protected data center into the hands of others, the data on those drives is put at significant risk.
Instant secure erase
The self-encrypting drive provides instant data encryption key destruction via cryptographic erasure. When it is time to retire or repurpose the drive, the owner sends a command to the drive to perform a cryptographic erasure. Cryptographic erasure simply replaces the encryption key inside the encrypted drive, making it impossible to ever decrypt the data encrypted with the deleted key. Self-encrypting drives reduce IT operating expenses by reducing asset control challenges and disposal costs. Data security with self-encrypting drives helps ensure compliance with privacy regulations without hindering IT efficiency. So called "Safe Harbor" clauses in government regulations allow companies to not have to notify customers of occurrences of data theft if that data was encrypted and therefore unreadable.
Auto-locking
Insider theft or misplacement is a growing concern for businesses of all sizes; in addition, managers of branch offices and small businesses without strong physical security face greater vulnerability to external theft. Self-encrypting drives include a feature called auto-lock mode to help secure active data against theft. Using a self-encrypting drive when auto-lock mode is enabled simply requires securing the drive with an authentication key. When secured in this manner, the drive's data encryption key is locked whenever the drive is powered down. In other words, the moment the self-encrypting drive is switched off or unplugged, it automatically locks down the drive's data. When the self-encrypting drive is then powered back on, it requires authentication before being able to unlock its encryption key and read any data on the drive, thus protecting against misplacement and theft. While using self-encrypting drives just for the instant secure erase is an extremely efficient and effective means to help securely retire a drive, using self-encrypting drives in auto-lock mode provides even more advantages. From the moment the drive or system is removed from the data center (with or without authorization), the drive is locked. No advance thought or action is required from the data center administrator to protect the data. This helps prevent a breach should the drive be mishandled and helps secure the data against the threat of insider or outside theft.
