New Training: Hardware Assurance Best Practices

In this 7-video skill, CBT Nuggets trainer Ben Finkel covers root of trust, eFuse, Unified Extensible Firmware Interface (UEFI), and self-encrypting drives (SED). You’ll also gain an understanding of secure boot processes and secure processing. Watch this new CompTIA training.

Watch the full course: CompTIA Cybersecurity Analyst

This training includes:

• 7 videos

• 28 minutes of training

You’ll learn these topics in this skill:

• Hardware Assurance Best Practices

• Hardware Root of Trust

• Securing Systems with eFuse

• Unified Extensible Firmware Interface (UEFI) Secure Boot

• Methods for Securing Boot

• Secure Processing

• Self-Encrypting Drives (SED)

Bitlocker vs. Self Encrypting Drives

Organizations today need to ensure data security. One of the tools that businesses can use to prevent data theft is storage drive encryption. There are various methods for whole hard drive encryption, but the two most popular are BitLocker and SEDs (self-encrypting drives).

BitLocker is a Windows integrated software solution for whole drive encryption. It works with the TPM on computers to ensure that encryption methods can't be easily bypassed. Likewise, it requires authentication when a computer boots to start the decryption process.

SEDs work by automatically encrypting data at rest as it is stored in the drive. Encryption methods are hardware-based instead of software-based. Though all SEDs require OPAL support, they can also be FIPS 140-2 certified. Enterprise environments that are mission-critical need to ensure their SEDs include this certification (Eg. Government or military use).

Bitlocker does require configuration before it is enabled. Once activated, Bitlocker will also need to spend time to initially encrypt storage devices. It may have a slight performance hit depending on the system it is being used with. On the other hand, SEDs are automatic, and due to encryption being performed at the hardware level, have the potential of having much smaller of a performance hit than Bitlocker. OPAL-supported drives can also be more expensive than traditional hard drives.