Cigent Technology Extends Firmware to Secure SSDs

Cigent Technology today launched Cigent Data Defense, an offering that combines existing multifactor authentication and encryption capabilities to secure sensitive data residing on solid-state drives (SSDs).

Cigent Data Defense is based on an existing D³E for Windows platform that can employed in a standalone fashion or in combination with K2 Secure SSDs provided by Cigent Technology.

Cigent CTO Greg Scasny said that approach is more secure because it embeds authentication and encryption software directly into the firmware of the SSD below an operating system layer that is frequently targeted by cybercriminals. Cigent’s configurable secure drives keep data inaccessible and hidden at all times from the Windows file system until accessed by an authenticated user. Keep-alive sensors will automatically lock secure drives and protected files if D³E software is disabled or bypassed.

Machine learning algorithms running on a dedicated processor are then employed to detect and thwart unauthorized attempts to encrypt data, even when a user is logged into a system, said Scasny. Secure access logs residing in firmware detect unauthorized attempts to access sensitive files.

In comparison, encrypted drives available from other suppliers only secure data when it’s at rest, noted Scasny. While no platform is ever 100% impervious to attacks, Scasny said the Cigent approach makes it much more difficult for cybercriminals to successfully launch a ransomware attack that encrypts data while it’s being accessed by an end user.

Fresh off raising an additional $7.6 million in funding, Cigent Technology traces its lineage back to technology developed to retrieve data from severely damaged and encrypted media. In-Q-Tel, a venture capital firm with ties to U.S. security agencies, then funded an effort to create self-defending storage to combat data thefts exploiting weaknesses in software-only approaches to cybersecurity. That effort led to the development of storage devices with embedded machine learning algorithms capable of detecting ransomware and other types of cybersecurity threats. Software-based approaches, like all code, is always going to be subject to vulnerabilities that need to remediated, noted Scasny.

The Cigent Data Defense platform provides cybersecurity teams with access to a centralized console accessed via the cloud to manage its software and the SSDs installed. It’s also compatible with authentication technologies such as Windows Hello Fingerprint, Facial Recognition, Custom PIN, Authenticator tools or Cisco Duo Security software.

The degree to which any organization is going to want to add additional layers of data security depends on how sensitive that data really is. All data is not of equal value. However, it’s often difficult for cybersecurity teams to determine how sensitive data is as it’s being created and shared. As such, the amount of data worth going the extra mile to secure is growing. At the same time, cybercriminals are becoming more adept at gleaning insights by correlating what appear to innocuous pieces of unrelated data sets.

At the very least, organizations that invest in additional security tools and platforms may dissuade cybercriminals from launching an attack. Of course, that additional level of security also lets them know there is data worth stealing.

Avatar photo

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 746 posts and counting.See all posts by mike-vizard