Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

The importance of protecting the device and not just the network

Issue 3 2021 Infrastructure

By Ruben Dennenwaldt, senior product marketing manager at Western Digital (MEA).

With data security such a big talking point of late, many of the discussions around protecting data have focused on securing the network. At a time of increased remote working and reliance on cloud technology, perhaps this is understandable. However, a key consideration should also be how best to secure the devices that hold this data.


Ruben Dennenwaldt.

To ensure data is protected, device systems, hardware and software applications all have to be analysed thoroughly in order to see where improvements can be made to existing infrastructures. Furthermore, new state-of-the-art security techniques need to feel virtually seamless for end users to ensure the best results.

Infrastructures for storing data can be improved and in this article, we will examine four areas where proven security concepts have recently seen significant improvement.

1. The advantages of hardware encryption

Encryption is important to both the confidentiality of data and the drive where that data resides. Strong hardware-based encryption can help to increase security without impacting speed.

These days, people have become accustomed to using their mobile phones for authentication, as many of us now keep our phone with us at all times. We pair our phones with external devices such as headphones and log in with biometrics such as fingerprint or facial recognition. Using these same sorts of actions seemed like the ideal way to add security features in a way that feels very natural and intuitive.

Hardware-based encryption is different than encryption which takes place within software. In software-based encryption, the host computer has access to the encryption key for the disk, which means that malware on the host can steal that key. With many forms of hardware-based encryption, the key used to encrypt data on the drive stays isolated within the drive itself.

Hardware-based encryption therefore helps provide a secure method of establishing trust while also eliminating a traditional point of friction and weakness within the verification process.

2. Application security through sandboxing

One of the security measures that must be met by apps listed on official app stores is application sandboxing. Sandboxing supports built-in operating system checks to limit an app’s use of system resources to only those features that the app developer intends. This helps prevent inserted malicious or faulty code from being used to access additional system resources.

For instance, a sandboxed application cannot corrupt other applications’ files, or spoof operating system level security dialogues. By contrast, an app which contains a kernel-level driver has full control over your operating system as well as all applications and files on your computer. Any security bug in this driver might allow malware to take over the entire computer.

Sandboxed applications include an entitlement list that enumerates the set of system resources that the app requires. This list is checked by the operator of the app store to ensure that it matches the features of the application. If the application attempts to access a resource that it does not have permission to use, such as a microphone, then the operating system’s sandbox will prevent the application from continuing.

This keeps an app from being used to access resources and data on your device. When it comes to ease-of-use, the key is applying the best practices of mobile device security to external drives. If the drive is uniquely linked via an app on a user’s compatible smartphone through an encrypted wireless connection, it helps bring enhanced security and a great user experience.

3. Communications protocols over Bluetooth technology and USB ports

Traditionally, there are two methods to unlock your drive and authorise other users: wirelessly via Bluetooth technology and using a wired method, such as via a USB port. No matter which method you choose, the same technologies are used to help secure your connection to the device.

The Bluetooth pairing process requires a pairing code to be entered on both devices. Nowadays Bluetooth security can provide a ‘point and pair’ connection process. This layer makes it easier to pair and also helps improve security by verifying the authenticity of the drive when you connect to it.

Drives can contain a label with a unique key that is used to locate and secure the connection. When connecting via Bluetooth technology, you simply scan the QR code on the label, then your phone finds and connects to the drive using the key embedded in the code. When connecting via a USB port, a separate, shorter code is used, which is printed next to the QR code. This code serves as validation you are connecting to the right drive and also helps prevent malicious applications from connecting to it.

4. Data protection through hardware-backed encryption

These days, hardware-backed encryption is based on a new approach to public-key management, one which allows data to be self-secured by the hardware-based key storage in your smartphone or computer.

Passwords can be a weak link in security, while also interfering with the useability of a device. Simply put, people may choose weak passwords, or they forget them. Once the password of a self-encrypting drive is lost, the data on the drive could be lost as well.

To address these issues, there is a new approach to securing data on a self-encrypting drive. A smartphone or laptop can be used as a ‘key’ that can unlock your drive. Specifically, this is done through a hardware-backed key storage on your device. This hardware protection enforces the use of a mobile device’s passcode or the biometric used to unlock the private key.

Moving forward

There are clear advantages to using hardware for data security over solely relying on secure networks. Hardware products can push the boundaries of state-of-the-art security techniques while maintaining ease-of-use that feels virtually seamless. These products are designed by choosing existing, proven security concepts, improving them whenever possible and creating innovative solutions where they are needed. Ultimately, by weaving concepts together, a next-generation architecture is created that helps provide security over many technology layers.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

New commercial and technical appointments at Veeam
News & Events Infrastructure
Veeam Software has announced two senior appointments in its South African business as it continues to invest in local market growth and partner and customer engagement.

Read more...
Access as a Service is inevitable
Technews Publishing SMART Security Solutions ATG Digital Access Control & Identity Management Infrastructure
When it comes to Access Control as a Service (ACaaS), most organisations (roughly 90% internationally) plan to move, or are in the process of moving to the cloud, but the majority of existing infrastructure (about 70%) remains on-premises for now.

Read more...
Privacy by design or by accident
Security Services & Risk Management Infrastructure
Africa’s data future depends on getting it right at the start. If privacy controls do not withstand real-world conditions, such as unstable power, fragile last-mile connectivity, shared devices, and decentralised branch environments, then privacy exists only on paper.

Read more...
Access trends for 2026
Technews Publishing SMART Security Solutions RR Electronic Security Solutions Enkulu Technologies IDEMIA neaMetrics Editor's Choice Access Control & Identity Management Infrastructure
The access control and identity management industry has been the cornerstone of organisations of all sizes for decades. SMART Security Solutions asked local integrators and distributors about the primary trends in the access and identity market for 2026.

Read more...
Protecting high-value data from AI
CASA Software Infrastructure Information Security Products & Solutions
As artificial intelligence accelerates the speed and sophistication of cyberattacks, protecting high-value data, such as financial records, legal files, patient data, intellectual property, and compliance records, has never been more urgent.

Read more...
Integrated security key to protecting cloud applications
Infrastructure Information Security
Cloud-native applications have transformed the way businesses operate, enabling faster innovation, greater agility, and enhanced scalability. Yet this evolution brings an equally complex security landscape.

Read more...
The global state of physical security
Genetec News & Events Infrastructure
Physical security has become a strategic business function, improving IT collaboration and decision-making. Moreover, interest in AI has more than doubled among users, and organisations seek flexibility to deploy workloads on-premises, in the cloud, or hybrid.

Read more...
SA availability of immutable backup storage appliance
CASA Software Infrastructure Security Services & Risk Management
CASA Software has launched the newly released Nexsan VHR-Series, a fully integrated, enterprise-class, immutable backup storage appliance purpose-built for Veeam software environments, with usable capacity ranging from 64 TB to 3,3 PB.

Read more...
What is your ‘real’ security posture?
BlueVision Editor's Choice Information Security Infrastructure AI & Data Analytics
Many businesses operate under the illusion that their security controls, policies, and incident response plans will hold firm when tested by cybercriminals, but does this mean you are really safe?

Read more...
What is your ‘real’ security posture? (Part 2)
BlueVision Editor's Choice Information Security Infrastructure
In the second part of this series of articles from BlueVision, we explore the human element: social engineering and insider threats and how red teaming can expose and remedy them.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.