How We Help
DAR Protection
Quantum & Advanced Threat Protection
Data Sanitization
Insider Threat Protection
Capabilities
Products
Preboot
Cigent PBA
Prevent Data Attack
Cigent FDE
Prevent Ransomware & All Other Attacks - Cobalt Blue 1(1)
Cigent SSD Clients
Frame 84
Cigent SSD Enterprise
Frame 87(1)
Cigent SSD UxV
Industrial Control Systems
Cigent SSD ICS
Hex Editor
Custom Projects
Resources
Downloadable Assets
Whitepapers, eBooks, Infographics, and More
Blog
Read articles on all things cyber security.
Who we partner with
Handshake
Partners
Cigent Ecosystem of Device and Service Partners
compatible sed devices
Certified Drives
SED Devices Compatible with Cigent
Learn More About Cigent
News from Cigent
4 min read
Discover best practices for protecting sensitive ..
4 min read
Explore how disk cloning and data destruction can ..
Menu Close
Market - Tank-1

Software Full Drive Encryption

Cigent Software Full Drive Encryption (SW FDE) secures mission-critical data providing NSA CSfC for DAR inner-layer protection.

NSA Validated DAR Protection

NSA Validated DAR ProtectionCigent SW FDE employs quantum-resistant AES 256-bit encryption validated by NIAP and NSA to protect data at rest. Cigent SW FDE can complement HW FDE to meet CSfC for DAR requirements or utilize as stand-alone encryption delivering foundational protection.
Data at Rest Encryption

Advanced Boot Protection

Cigent employs pre-OS boot which requires users to authenticate before the operating system boots. The approach reduces the risk of the OS being compromised to gain access to keys.

Compliance-1

Multi Factor Authentication

Ensures that only authorized users can access encrypted data by requiring the use of both username/password and a Smartcard (CAC).

Efficient Administration

Administration at Scale

Command line interface provides management of SW FDE with ability to integrate into existing enterprise management.

Prevent Data Attack

Extensive Coverage

Supports PCs, mobile workstations, and servers running Windows or Linux. SW FDE can also be employed on non-traditional compute devices including vehicles, UxV, and ICS.

Protection

CSfC for DAR Protection

NSA CSfC for DAR requires two layers of protection:

Outer Layer

The outer layer includes hardware full drive encryption (HW FDE) with pre-boot authentication.

Inner Layer

The inner layer includes software full drive encryption with multi-factor authentication.

SW FDE

Cigent SW FDE paired with Cigent Secure Storage SSDs – that include HW FDE and PBA - provides a single CSfC for DAR solution. Cigent employs a separate and distinct crypto libraries for HW and SW encryption meeting NSA “manufacturer diversity requirement.”

Cigent SW FDE can also be utilized with other suppliers’ CSfC compliant drives to provide the inner layer of CSfC DAR protection requirements.

How Cigent FDE Protects your Data

Cigent Software Full Disk Encryption safeguards sensitive data from power-off through system boot. Cigent SW FDE operates independently of the hardware and protects data at rest with strong cryptographic controls and multi-factor authentication.

Power-Off Protection

When the device is powered off, all data on the drive remains encrypted and unreadable

Boot-Time Enforcement

Upon power-on, the SW FDE requires authentication before the operating system loads, enforcing access control before any data is decrypted.

Two-Factor Access Control

Access to encrypted data requires authentication using both a username/password and a smartcard (CAC).

Transparent Data Access

Once authenticated, the encryption engine fully decrypts the disk, allowing users to seamlessly access their data without friction.

An image of preboot user authentication

The Cigent Advantage

Cigent solutions were designed and developed with and for US Intelligence and Defense communities. All employees, including Cigent software development, are based in the US. The team includes multiple personnel with TS/SCI clearance with decades of data protection and operational experience to support your requirements.

Cigent solutions have been tested and validated by leading Federal agencies including MITRE, NIST, NSA, NIAP, the Air Force, Cyber Resilience of Weapon Systems (CROWS), and NSSIF (UK) and are deployed across US Intelligence agencies, US Defense services, and the defense industrial base.

iStock-814367282
ebook

Protect Your Data at Rest

Cigent is prepared to support your mission navigating the complex compliance requirements to protect data at the edge. Its solutions were developed for and with US Federal agencies with deep expertise in data protection. Read our extensive eBook to learn more.

Cigent-Secure-Storage-White-Paper-11-15-2024_09_38_AM
Resources / Blog
Introduce resources that can
provide value to the visitor
4 min read

Edge Computing Requires Edge Security: Best Practices for Protecting Sensitive Data at the Edge

Discover best practices for protecting sensitive data at the edge with Cigent's insights ..

4 min read

Prevent Data Security Issues with Disk Cloning & Data Destruction

Explore how disk cloning and data destruction can prevent security issues. Learn how to ..

Blog 4 min read

FIPS 140-2 & FISMA — Understanding Cybersecurity Compliance for Cryptography Modules

Learn about FIPS 140-2 and FISMA compliance for cryptography modules, essential for ..

Frequently Asked Questions

Check out the answers to some of most frequently asked questions about Cigent, what we do, and how we do it. Don’t see your question on the list? Click the BOOK A DEMO button in the top right corner of your screen to learn more about us during a custom demo.

What does Cigent do?

Cigent protects data on devices operating at the edge from unauthorized access. Cigent solutions secures data at rest with layered protection including hardware encryption, pre-boot authentication, and multifactor authentication. Cigent also ensures data integrity when the device is in use preventing wiping and cloning and other data attacks.

How does Cigent work?

To prevent sophisticated adversaries from unauthorized access requires layered protection. The foundation of Cigent solution is 256-AES full drive hardware encryption with pre-boot and multifactor authentication. These capabilities have been validated by agencies including NSA and NIAP. Additionally, Cigent provides capabilities that ensure the integrity of data through its lifecycle including hidden partitions, storage-embedded AI, and verified data erasure.

What is data-at-rest encryption?

Data at rest encryption traditionally refers to the encryption of data when the device is asleep or powered-off. Data at rest encryption seeks to prevent adversaries who gain physical access to the device would seek to extract sensitive data. Cigent uses AES 256 full drive hardware encryption with pre-boot and multifactor authentication. In addition, Cigent uses zero-trust access to control to also protect data when a device is in use. This is with hidden partitions that maintain encryption until it is accessed with step-up authentication.

What is pre-boot authentication?

Pre-boot authentication (PBA), also known as power-on authentication, is a security feature that requires users to authenticate before their device boots up. PBA is a layered approach that protects devices and data from offline attacks and cyberattacks. It's often used with full disk encryption (FDE), where users must authenticate to boot the system and restore data. Cigent PBA has been tested and validated by leading organizations including NSA, DISA, NIST, and NIAP.

What devices does Cigent protect with hard drive encryption?

Cigent provides the widest breadth of secure storage solutions all utilizing hardware encryption. These includes: PCs supporting both M.2 2280 and the emerging M.2 2230 standard, remote servers and NAS devices with U.2 drives, external media with flash drives, encrypted external drives, SD and Micro SD cards, and embedded for SSD BGA.

Does Cigent help with certifications?

Yes, Cigent Secure Storage Solutions can support organizations meeting Commercial Solutions for Classified (CSfC) for data at rest including pre-boot authentication requirements. Cigent solutions can also meet FIPS 140-2 and 140-3 standards. Additionally, Cigent can address requirements from Executive Order 14028 including encryption of data at rest, multi-factor authentication, and the utilization of zero-trust access control. Cigent protections have been thoroughly tested and validated by leading Federal agencies including MITRE, NIST, NSA, NIAP, the Air Force, Cyber Resilience of Weapon Systems (CROWS), and NSSIF (UK).

Still have questions?

Learn more about Cigent and our solutions by downloading our company overview.

Card

Cigent’s Federal Data Protection Solutions are second to none

Learn more about how Cigent can help you achieve your mission and protect data at rest and data on the edge from all forms of attack.