Guardisk holds key to government laptops

Thales e-Security launched a hard drive encryption device at the Info Security show in London on Wednesday, designed to protect laptop data by storing everything on the hard drive in an encrypted state. The device is already being adopted by the government, anxious to ensure that sensitive data isn't extracted from misplaced laptops.

The Guardisk device is a micro hard drive, with a cryptographic unit attached. The two devices are enclosed in a case the same size as a common laptop hard drive, so it can be fitted inside any standard laptop.

Guardisk has been approved by the Communications Electronics Security Group (CESG) for "Restricted" and in some cases "Top Secret" data and has already been introduced in some government departments, where laptops containing sensitive information are reported lost at the rate of five a week, according to Thales. Between 1996 and 2002, the government reported 1,300 laptops lost, the company said.

Traditionally, a hard drive connects to the laptop motherboard using an IDE BUS, but in this case, the crypto device sits between the two connections, so all data on the hard drive -- including the operating system -- is encrypted and decrypted on the fly. In order to access a laptop fitted with Guardisk, the user is provided with a contactless smartcard (radio transmission) and password. Once switched on, the laptop will request the user to wave the smartcard over the laptop and enter a password.

Data contained in the crypto unit is combined with data received from the smartcard to form a cryptographic key, which is used to encrypt and decrypt everything on the disk.

Once verified, the user will have access until the laptop is shut down.

Phil Naybour, Thales e-Security's managing director, said: "There is a pressing need for hard disk encryption to protect government laptops. Installing Guardisk ensures that any stolen laptops cannot be used to gain access to classified information on the laptop's hard disk or associated networks. This is vital to ensure that users -- whether in a government department, the MoD, police or the public sector -- can enjoy the benefits of mobile computing without any additional security risk."

Because the system uses a micro hard drive, the storage capacity is relatively small. Initially, the system can hold 10GB, but Thales expects to double the capacity within a year.

One possible flaw in the product is that if a Guardisk-armed laptop is put into hibernation or sleep mode, it will not require re-authentication when it is woken up. CESG recommends that the sleep and hibernate functions are disabled before use and the laptop is shut down.

As far as the laptop is concerned, Guardisk is just an ordinary hard drive, so general usability is unaffected. The system is compatible with all major operating systems including Windows, Linux and Unix.

Guardisk costs between £400 and £500 per unit, depending on quantities ordered.

Let the editors know what you think in the Mailroom.