An introduction to the encryption features of the M500

by Moderator Moderator ‎06-11-2013 05:34 PM - edited ‎08-28-2013 10:04 AM

Question

How does the hardware encryption on the M500 work?

Answer

 

With an M500, the encryption is always on, meaning when data is written to the M500 it is encrypted and when read from the M500 it is decrypted. The password security feature needs to be activated by encryption management software, if that is not done, there is nothing stopping a user from reading the data on the drive. In other words, the M500 will generously decrypt all information for anyone who asks, unless security management software is installed to prevent that.

The easiest way to regard this is like a security system in a house. Until this is "armed" (through the use of a piece of 3rd party software for applying login credentials, for example) it is simply there but not actively protecting your data.

 

Self-Encrypting Drive (SED) technology provides verified and certified data security which offers nearly unbreakable pre-boot access protection for user data. Because SED access is pre-boot, there is no possibility of running an OS utility to break authentication codes. Following TCG Opal 2.0 specifications and IEEE-1667 access authentication protocols provide data security which meets government standards for data in banking, finance, medical and government applications. Our support for Windows 8 eDrive provides the individual user with simple plug-and-play data security which can protect sensitive personal data, without having to modify BIOS settings, and without having to spend time to encrypt data already in place (as is the case for software encryption methods).

Windows 8 Professional, Enterprise, and RT editions all automatically support encryption key management of SEDs. The M500 fully supports Microsoft’s requirements for eDrive capability.  This provides security for your data at rest with no loss of throughput performance. In other words, in order to active the password feature, to arm the security system if you will, all it takes in Windows 8 is to enable BitLocker. While BitLocker in older Windows Operating Systems does not support SED technology, you can still use the encryption feature like on any other drive, it just won’t take advantage of the benefits of the hardware encryption on the M500. To help users on Windows 7 or other Operating Systems take advantage of the SED ability third-party software vendors, such as Wave Systems, WinMagic, and others provide advanced encryption and authentication management features for Opal 2.0 storage devices.

 

------------------------------------------------------------------

Looking for more information on Crucial SSDs?  Learn more here!

Looking for Customer Service? Contact Crucial Support for your region.

Comments
by diogot on ‎12-31-2013 07:38 AM

Can I enable the encryption features on Mac?

by Moderator Moderator on ‎12-31-2013 08:17 AM

The hardware encryption on the M5500 is always operating, however, it is not always password protected to the point it locks out unauthorized access. We are at this time not aware of a software tool for Mac that provides this functionality integrated with the SED feature.

by LakeFreak ‎03-03-2014 07:45 AM - edited ‎03-03-2014 07:47 AM

I just bought and installed the M500 240Gig. So disgusted that the product sales page failed to mention the above Windows 7 limitation. Why is there not a combined document detailing to newbies about the encryption, alignment, hibernation vs. sleep, defrag, etc. I have had to spend an evening Googling to get educated, when it could have been so simple for the Crucial brainiacs to put a doc together. My opinion of Crucial has really taken a hit.

by Moderator Moderator on ‎03-03-2014 08:49 AM

Hello LakeFreak,

 

I'm sorry to hear you were having difficulties finding the information you need. We are always open to customer feedback; please let us know of any improvements you think we can do to the Tribal Knowledge Base to make it easier to locate the information you were looking for.

 

If you have any additional questions, please don't hesitate to make use of our free Technical Support by sending us an email, or call, or contact us via chat. We'll be happy to provide all the information we can.