Cigent DataSafe™ K2 Storage comes in 512GB, 1TB, and 2TB NVMe SSD internal and external configurations. It can be installed as the primary storage device on a PC where the O/S runs or as secondary internal storage (such as in a desktop tower) or as external media plugged into a USB port.
It has unique firmware that adds cybersecurity protections, monitoring data activity into and out of the drive and moving data security as close to the data as possible. When used in conjunction with Cigent Data Defense Engine™ (D3E), Cigent DataSafe Storage protects data throughout the entire device lifecycle—from provisioning to end-of-life—defending against a vast number of threat vectors.
Cigent DataSafe is the first and only SSD to include TrueErase™, firmware verification that reports each block’s erased or unerased state after a wipe attempt, allowing the trusted user to safely repurpose their device, retire it, or ship it for destruction, saving money on expensive media and allowing you to implement a green policy to storage device lifecycle management.
Self-encrypting disk partitions that can be used to securely store your sensitive files below the OS layer. The only way to access files stored in a locked Secure Drive is with step-up authentication. Secure Drives are threat aware and disappear whenever a threat is detected or the PC is power cycled. The effect of these security measures is that sensitive files are accessible for a very limited time and only on an as needed basis by the trusted user.
Common techniques of attackers include disabling security software, booting from an alternate O/S, and removing the drive. Cigent DataSafe uses a Keep Alive heartbeat in the firmware that constantly ensures designated cyber security software is running, including D3E. If not, all Secure Drives automatically lock and can not be bypassed.
Advanced attackers always wipe their tracks, deleting system and data access logs. Cigent DataSafe Storage captures and protects comprehensive, firmware-secured data access logs and audit trails that cannot be wiped. Access logs are stored for incident response, non-repudiation, and litigation use.
Sophisticated attackers with enough time, money, and resources will find a way to bypass cybersecurity measures that are based solely on software. Sensitive files on endpoints have been at risk from cyberattacks due to a wide array of threat vectors, including:
Unencrypted data after login
Credential compromise (theft, poor hygiene)
Vulnerabilities (OS, apps, firmware)
Unhealthy PC State (configuration drift, agent corruption, OS updates, BYOD PCs)
Disabled security software
Advanced malware and fileless attacks
Supply chain compromise
Advanced APT attacks, chip implants, BIOS and firmware malware
Easily, effectively protect data on endpoints and external media with little-to-no IT or SOC involvement. Storage firmware hides sensitive files, constantly ensures the PC is in a secure state, and D3E software enables zero-trust file access controls securing sensitive files, while never blocking trusted user file access or quarantining systems. In the event of lost or stolen devices, sensitive files are completely hidden by firmware and inaccessible by any means without the trusted user’s authentication.
Address critical requirements of data governance and privacy programs by effectively securing endpoint data addressing regulatory requirements including HIPAA, GDPR, GLBA, PCI-DSS, CCPA, and more.
Protect data on endpoints from theft from colleagues, by ensuring only the trusted user can access their files. Detect insiders who move around systems trying to access documents or steal credentials. Respond effectively and precisely by knowing what was taken by insiders with detailed data access logs that cannot be deleted and are protected by firmware.
Intrinsic multilayered ransomware prevention uses firmware to hide sensitive files and requires zero-trust file-access controls for data access and use, very effectively and easily preventing ransomware from accessing files to maliciously encrypt them.
Firmware hides files and D3E software ensures only trusted users can access and modify files.
Comprehensive, detailed storage data access logs are saved and protected by firmware from being deleted, thus enabling quick and effective response to endpoint data breaches.
When a device or media is determined to be repurposed, retired, or destroyed, proper data sanitization is required when sensitive files have been saved on the system. Research has shown SSDs often inaccurately report successful removal of data. Our built-in verification technology shows the user exactly what has been removed and what information, if any, still remains.
Numerous studies show that when users or organizations are ready to donate, recycle, or sell their SSDs, more than 80% don’t completely remove their data. This leaves sensitive, or even classified information exposed. Many organizations don’t trust the current tools available to remove data and are thereby forced to spend thousands of dollars either storing these devices or physically destroying them at end of life.
Interface: PCIe Gen3x4 NVMe 1.3
Form factor: M2 2280-D3
Operating temperature: 0º to 70º C
Non-operating temperature: -40º to -85º C
TCG Opal 2.0
Remotely upgradeable firmware
Optional external media USB adapter
Warranty: 12-months hardware warranty