Sophos Broadens Support to Include Trusted Computing Group's Opal Storage Encryption Standard

December 16, 2010 Sophos Press Release

BOSTON – December 16, 2010 – Global IT security and data protection firm Sophos today announced its support of Trusted Computing Group's (TCG) security subsystem storage standard Opal that provides hard drive vendors an outline for developing self-encrypting drives. With the staggering number of reported lost or stolen laptops and hard drives, it has become increasingly important that hardware comes loaded with encryption functionality to safeguard confidential data alongside encryption software. Sophos SafeGuard Enterprise (SGN) 5.60 – available in the first half of 2011 – will support Opal's specifications, enabling enhanced data protection and interoperability benefits to self-encrypting drives.

According to the Ponemon Institute (Fifth Annual U.S. Cost of a Data Breach Study, January 2010), the average cost to companies per lost or stolen record is $204. The average organizational cost of a data breach reached more than $6.6 million in 2008, up 46 percent since 2005. These costs include fixing the cause of the breach, replacing lost or stolen laptops and storage devices, legal defense costs, disclosure costs for informing consumers about the breach via letters and press releases, loss of business, and expensive fines.

"Organizations are facing mounting pressure to ensure and prove that confidential data is fully safeguarded at all times and to do so with limited budgets, support and depending on the organization, the level of knowledge and expertise," said Rainer Gawlick, chief marketing officer at Sophos. "It's a logical evolution that hardware vendors integrate basic encryption functionality on their drives. Sophos will support Opal as it's critical for us to maximize security, especially as today's workforce is far more mobile than in years past, work interoperability with hardware partners to provide tighter security for customers, and to maintain our competitive advantage."

Another Ponemon report sponsored by a large PC Maker, surveyed more than 300 US companies and found that more than 86,000 laptops are lost each year. Of this figure, "25 percent were stolen, mostly after car break-ins, while another 15 percent were lost due to 'probable theft,' leaving the rest of 60 percent as having just been lost by the users."

Sophos SafeGuard Enterprise 5.60 support of Opal self-encrypting drives will provide policy setting, management, reporting, proof of encryption, user- and key management including recovery mechanisms. With the seamless support of Opal self-encrypting drives, Sophos, PC OEMs, and end-user organizations will be able to implement and integrate hardware encryption solutions efficiently and easily. Having an additional level of encryption, data residing on lost or stolen laptops or hard drives is fully safeguarded, making it useless to unauthorized parties or individuals.

Existing Sophos SafeGuard Enterprise customers can manage these drives without additional licensing fees. Additionally, customers of existing OEM partners using SGN encryption technology such as Lenovo will be able to easily manage these drives, recover data if needed, and prove compliance via the Sophos management console.

"Lenovo applauds Sophos' support for the industry standard Opal technology," said Peter Schrady, vice president and general manager, Software and Peripherals at Lenovo. "We expect our joint customers to take advantage of this new Sophos solution."

Download the latest independent report by the Ponemon Institute, "The State of Privacy and Data Security Compliance" and visit the Sophos Hot Topic's page, Protecting Personally Identifiable Information (PII) to learn what data is at risk and what you can do about it.