Sponsored content
Data security on an external hard drive has never been simpler than with ArmorLock™, providing easy access via mobile phone
Western Digital’s ArmorLock™ Security Platform is the next stage in the evolution of encrypted storage. The platform was designed and developed over several years with the objective of pushing the boundaries of state-of-the-art security techniques while maintaining ease-of-use that feels virtually seamless.
Western Digital began the design process by choosing existing, proven security concepts, improving them where possible, and creating innovative solutions when needed.
These concepts were then woven together to create a next-generation architecture that provides security over many technology layers. The first product to use this platform is the G-Technology™ encrypted ArmorLock NVMe™ SSD.
The design of the ArmorLock Security Platform takes inspiration from the use of mobile phones and how people pair them with a variety of external devices, such as headphones, as well as logging in to services and apps using their biometric data such as fingerprint or facial recognition.
Using these actions seemed like the ideal way to add security features in a way that was both natural and intuitive. Western Digital also believed that the existing Bluetooth™ security standard could be improved upon, so the company rebuilt parts to make it easier to use, while adding extra layers of security.
INNOVATIVE SECURITY MADE SIMPLE
Western Digital used the dedicated hardware-backed key storage available on the Apple iPhone and MacBook devices to improve the authentication process.
Rather than asking users to create and remember yet another username and password to unlock the drive, the app uses two factors of authentication that are available on your phone.
That could be something such as the passcode used to unlock a phone or the biometric data, plus the presence of the hardware-backed key. This provides a secure method of establishing trust while also eliminating a traditional point of friction and weakness in the verification process.
The ArmorLock Security Platform is also designed to help protect your data if the drive is lost or stolen. With the ArmorLock drive, a locked device can be made cryptographically indistinguishable from an erased device by using the default settings.
While mobile devices are a great way to add innovative security features, it’s also important to avoid common pitfalls that can come with using highly connected devices. Most people use their mobile devices like a computer that’s always in their pocket and this sort of interaction tends to involve a lot of internet activity, not all of which is secure. To exist in this sort of environment safely, it was critical for Western Digital to leverage boundaries existing within modern mobile operating systems and enable only as much functionality as believed necessary to do what you intend to do.
The ArmorLock drive is accessed through the ArmorLock app. This is available for download initially through the Apple iOS App Store and Mac App Store. To be offered on these stores, an app must first go through Apple’s screening process. To accomplish this, the software must include sandboxing, which limits the privileges of an app to its intended functionality.
The ArmorLock app requires minimal permissions on the device. It also prevents its data or functionality from being accessed by other apps by taking advantage of the hardware-backed key store.
This focus on limiting privileges does not stop with the app itself. Wherever possible, Western Digital uses peer-to-peer functionality instead of communicating with a centralised cloud. This means that the hard drive can be used in environments where the internet is not available. This also enables the user to strike a balance between eliminating the security issues associated with cloud usage and using additional cloud-based features.
The system doesn’t require a Western Digital account or subscription to use the ArmorLock drive. An authorised device provides the chain of trust, rather than an external entity.
After the ArmorLock app is downloaded, any further cloud communications are optional. If Last Known Location is enabled, the app will retrieve map data. And if you need to authorise someone remotely, then you can do so over the communications and messaging service of your choice.