TCG Opal is the standard de-jure framework for device security.
It is designed for mobile devices and laptops and has extremely wide industry support and across multiple operating systems. The TCG Opal framework is supported by most top-tier storage manufacturers and is also designed for solid-state drives (SSDs) as well as hard disk drives.
Devices that conform to the Opal standard have proven secure encryption build in at the firmware level. The moving of the encryption to the drives means that the reduction in performance is minimised as the compute-intensive work is done by ASIC (Application Specific Integrated Circuits) designed specifically for the job.
It should be pointed out that any Opal certified drives are visible to most users who may purchase such a device to install in their laptop. Only when the TCG Opal functionality is enabled does it become something more than an SSD.
As good as they are, standards and frameworks will only get you so far. The management tools that utilise them are important. There are several vendors that provide management tools that integrate with the TCG Opal framework to provide centralised management and an almost transparent user experience users still have to enter a password or key on start-up.)
To utilise Opal, there are two parts to the framework in a client- server configuration. The server works as a management station to allow control and management of the encryption and the keys. Critically, using a solution such as Opal wraps up the encryption complexity into a set of management tools utilising a framework. Vendors include:
• WinMagic • Symantec
Whilst the exact implementation details vary from vendor to vendor, they provide the key needs and requirements for management. Management functionality includes a wide range of tools and facilities including:
When paired up with a remote location and management tools,