Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Protecting data storage is vital for a trusted digital ecosystem

December 2021 by TCG

More aspects of our lives are digitalized than ever before. From our mobile phones, to smart watches, to evolving technologies like autonomous cars – we are having personal data collected almost all the time. By the end of 2018 there were an estimated 22 billion connected IoT devices in the world, but that figure is due to more than double by 2030, when it is estimated there will be around 50 billion. Not only is there more information online than ever, but it’s more sensitive too. With personal, financial, and even medical information stored digitally, the risk of data breaches is a serious matter. We all know about the importance of keeping personal information private, but how can we ensure that this privacy extends to our online information? With the need for data storage growing exponentially, it is vital that cybersecurity is at the forefront of this revolution.

As a result of this risk, cybersecurity is a priority for companies, customers, and IT developers alike. Surveys show that in 2021, 47% of CEOs are extremely concerned about cyber threats, raising from 33% in 2020. Devices should adopt strong authentication of data, to protect personal information and business reputation from hackers; with billions of devices, each with different security needs, a standardized approach to security must be adopted. This is the key to a truly trusted computing ecosystem.

Storage devices are constantly connected, leaving them vulnerable to attacks. Hackers can use phishing links which, once downloaded, compromises the data of the device. It is then possible for the hacker to control user commands and elevate its privileges to access the data from an admin level.

Protecting the integrity of a resting device is one way that security can be ensured. The device must allow only authorized people to gain access to its data and information; a key role that for many years, Access Control has played, in protecting data from modification. Access Control is a method of authorizing the user before they gain access, and is suitable across devices or all size, functionality, or environment. As more and more connected devices enter the market, this will continue to be a critical process of data protection, which must be adopted widely and quickly to keep up with the speed of data growth.

With size and budget restraints frequently providing barriers in terms of cybersecurity, easy-to-implement, affordable solutions are critical to preventing widespread attack. Trusted Computing Group (TCG)’s Pyrite specification has been adopted by devices worldwide, and enables systems to implement Access Control capabilities with easy integration, securing devices and protecting consumer data.

The Pyrite specifies authentication requirements to unlock access to user data. This provides data-at-rest protection of user data via access controls over the storage interface. For added security, the Pyrite also offers an optional secure boot capability. These functionalities help protect user data without specifying requirements for encryption in order to meet a wider range of use cases and market requirements to support billions of devices. When an end-user device is lost or stolen, the data cannot be accessed without proper authentication using Pyrite.

By adopting a Trusted Platform Module (TPM) alongside the Pyrite offers a solution for devices with higher security risks. By doing this, protection is improved and a Root of Trust is created within the device which can further authenticate device storage activity. The Pyrite can be used alongside the TPM with storage devices across multiple vendors, ensuring fully interoperable security across the whole digital ecosystem.

As the number of connected devices entering the market shows no signs of slowing down, and the personal nature of these devices as they are integrated into our homes and cars increases, the implications of attacks are severe. If infiltrated, hackers could gain access to our most valuable, private, and personal information. IT developers must ensure that they are adopting technologies which secure our devices so end-users can store data in a safe and secure manner. The Storage Work Group from TCG have been working hard to develop specifications such as Opal, Pyrite, and Ruby Security Subsystem Class (SCC) which enable vendors and IT engineers to keep storage devices safe and secure for their lifetime.


See previous articles

    

See next articles












Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts