How does the hardware encryption on the M500 work?
With an M500, the encryption is always on, meaning when data is written to the M500 it is encrypted and when read from the M500 it is decrypted. The password security feature needs to be activated by encryption management software, if that is not done, there is nothing stopping a user from reading the data on the drive. In other words, the M500 will generously decrypt all information for anyone who asks, unless security management software is installed to prevent that.
The easiest way to regard this is like a security system in a house. Until this is "armed" (through the use of a piece of 3rd party software for applying login credentials, for example) it is simply there but not actively protecting your data.
Self-Encrypting Drive (SED) technology provides verified and certified data security which offers nearly unbreakable pre-boot access protection for user data. Because SED access is pre-boot, there is no possibility of running an OS utility to break authentication codes. Following TCG Opal 2.0 specifications and IEEE-1667 access authentication protocols provide data security which meets government standards for data in banking, finance, medical and government applications. Our support for Windows 8 eDrive provides the individual user with simple plug-and-play data security which can protect sensitive personal data, without having to modify BIOS settings, and without having to spend time to encrypt data already in place (as is the case for software encryption methods).
Windows 8 Professional, Enterprise, and RT editions all automatically support encryption key management of SEDs. The M500 fully supports Microsoft’s requirements for eDrive capability. This provides security for your data at rest with no loss of throughput performance. In other words, in order to active the password feature, to arm the security system if you will, all it takes in Windows 8 is to enable BitLocker. While BitLocker in older Windows Operating Systems does not support SED technology, you can still use the encryption feature like on any other drive, it just won’t take advantage of the benefits of the hardware encryption on the M500. To help users on Windows 7 or other Operating Systems take advantage of the SED ability third-party software vendors, such as Wave Systems, WinMagic, and others provide advanced encryption and authentication management features for Opal 2.0 storage devices.