Any endpoint security or encryption solution, that relies on only software-based protections, can be bypassed. How do hackers do it?
Keep your data where it belongs—with you. Cigent has partnered with Phison, one of the world’s leading storage controller manufacturers, to create Cigent Bare Metal SSDs for both NVMe and SATA interfaces. When paired with the Cigent Data Defense Engine (D3E) for Windows 10, Cigent Bare Metal SSDs, powered by Phison, provide a layer of firmware-based protection that’s virtually impossible to bypass.
When you shutdown your Windows system, D3E automatically locks Protected partitions in the firmware of the Bare Metal SSD—if your SSD is removed without authorization, your files are protected. When you reboot your system, Protected partitions are unlocked automatically.
With its built-in True Erase™ feature, Cigent Bare Metal uses the SSD’s own firmware to remove data from the drive. To ensure data cannot be recovered, erasure verification is key. Cigent and its SSD partners embed this crucial step into the firmware of all Cigent Bare Metal SSDs.
Keep Alive, available in select Cigent Bare Metal-enabled SSDs, monitors the connection between the D3E agent and SSD continuously. Compatible third-party endpoint agents are also monitored. If endpoint security is bypassed or the SSD stolen, all Protected files are encrypted on the fly. They remain locked in the firmware layer until the D3E endpoint and SSD connection is reauthenticated.
Data stored on Bare Metal SSDs is fully encrypted using industry-standard TCG Opal 2.0 extended range locking. For even greater security, special Locked and Protected partitions are invisible until the user unlocks them using D3E authentication. Once unlocked, these special partitions remain under the watchful eye of D3E, requiring a simple and secure step-up authentication to access.
When a D3E threat sensor or integration partner triggers an Active Lock, Protected files disappear from the Windows file system and are cryptographically locked in the firmware of the SSD. Once the threat is remediated, Active Lock is automatically released and Protected files reappear.
Numerous studies show that when users or organizations are ready to donate, recycle, or sell their SSDs, more than 40% don’t completely remove their data. This leaves sensitive, or even classified information exposed. Many organizations don’t trust the current tools available to remove data and are thereby forced to spend thousands of dollars either storing these devices or physically destroying them at end of life.