How We Help - Hardware Full Drive Encryption

AES 256 full drive hardware encryption provides foundational protection for data at rest. Sophistication of threat actors and the proliferation of advanced data recovery techniques, require the deployment of solutions that combine full drive hardware encryption with pre-boot authentication and multi factor authentication. Cigent Secure Storage Solutions provide integrated security to ensure the integrity of data on vulnerable devices operating at the edge.

AES 256, PBA, and MFA

Cigent employs AES-256 bit hardware encryption utilizing established, proven methodologies coupled with pre-boot authentication and multi-factor authentication to prevent unauthorized access.

Achieve compliance requirements from a single solution

Cigent Secure Storage Solutions are on CSfC for DAR component lists, addresses FIPS 140-2 Level 3 requirements, and meet EO14028 standards for encryption and multifactor authentication.

Ensure data at rest is protected

Protection when an adversary has physical access to device. Combination of full drive hardware encryption, PBA, and MFA steps even advanced threat actors.

Easy enterprise management

Enterprise management provides efficient administration with visibility and reporting, key and hidden partition management. Cloud and on-premise console options available.

Cigent Protection

Tested, proven encryption

Effective protection of DAR requires layers of protection technology to prevent unauthorized access. Cigent’s solution uses proven, and NSA validated encryption methodology, including full drive AES-256-bit hardware encryption.

AES 256-bit Hardware Encryption

Cigent proven and tested methodology for encryption that has undergone rigorous testing by NSA, DISA and other Federal agencies.

Pre-boot Authentication (PBA)

PBA is a critical security capability to prevent adversary from circumventing full drive encryption. PBA provides a separate, secure authentication prior to initiating boot. Cigent PBA has been validated by NSA for CSfC for DAR.

Multifactor Authentication (MFA)

Optional configuration with PBA provides MFA capability requiring use of both U/N Password and smart card (CAC).

Encryption is only effective with proper implementation and administration. Cigent provides an enterprise management console available locally and in the cloud and with Command Line Interface (CLI) for local administration for Windows and Linux devices.

Encryption is only effective with proper implementation and administration. Cigent provides an enterprise management console available locally and in the cloud and with Command Line Interface (CLI) for local administration for Windows and Linux devices.

Central Management & Visibility.

Inventory and report on all internal and external storage devices.

Secure Encryption Key storage.

Securely store encryption keys in Cigent Management Console database, which requires an approval workflow to download keys.

Automate Hidden Partitions.

Programmatically lock, unlock, and wipe Cigent hidden partitions using your language of choice for both Windows and Linux endpoints. Automate full drive wiping to ensure data has been securely deleted.

The Cigent Advantage

Cigent is prepared to support your mission navigating the complex compliance requirements to protect data at the edge. Its solutions were developed for and with US Federal agencies with deep expertise in data protection. Cigent protections have been thoroughly tested and validated by leading Federal agencies including MITRE, NIST, NSA, NIAP, the Air Force, Cyber Resilience of Weapon Systems (CROWS), and NSSIF (UK).

To ensure availability and provide flexibility, Cigent works with leading drive manufacturers including Digistor, Kanguru, and Seagate and Cigent offers our own branded drives.

Resources / Blog

Introduce resources that can
provide value to the visitor

View all

Blog 2 min read

Data Security for Unmanned Vehicles—both UAV and UGV

Ensure data security for unmanned vehicles with advanced protection methods. Learn about ..

Blog 4 min read

Understanding CSfC for DAR Data Security

CSfC for DAR leverages commercial tech to secure classified data, offering flexibility, ..

In the News 3 min read

Phison and Cigent Partnership Sets New Standard in Cybersecurity with Self-Defending Flash Storage Drives

Phison & Cigent revolutionize cybersecurity with self-defending flash drives, offering ..

Frequently Asked Questions

Check out the answers to some of most frequently asked questions about Cigent, what we do, and how we do it. Don’t see your question on the list? Click the BOOK A DEMO button in the top right corner of your screen to learn more about us during a custom demo.

What does Cigent do?

Cigent protects data on devices operating at the edge from unauthorized access. Cigent solutions secures data at rest with layered protection including hardware encryption, pre-boot authentication, and multifactor authentication. Cigent also ensures data integrity when the device is in use preventing wiping and cloning and other data attacks.

How does Cigent work?

To prevent sophisticated adversaries from unauthorized access requires layered protection. The foundation of Cigent solution is 256-AES full drive hardware encryption with pre-boot and multifactor authentication. These capabilities have been validated by agencies including NSA and NIAP. Additionally, Cigent provides capabilities that ensure the integrity of data through its lifecycle including hidden partitions, storage-embedded AI, and verified data erasure.

What is data-at-rest encryption?

Data at rest encryption traditionally refers to the encryption of data when the device is asleep or powered-off. Data at rest encryption seeks to prevent adversaries who gain physical access to the device would seek to extract sensitive data. Cigent uses AES 256 full drive hardware encryption with pre-boot and multifactor authentication. In addition, Cigent uses zero-trust access to control to also protect data when a device is in use. This is with hidden partitions that maintain encryption until it is accessed with step-up authentication.

What is pre-boot authentication?

Pre-boot authentication (PBA), also known as power-on authentication, is a security feature that requires users to authenticate before their device boots up. PBA is a layered approach that protects devices and data from offline attacks and cyberattacks. It's often used with full disk encryption (FDE), where users must authenticate to boot the system and restore data. Cigent PBA has been tested and validated by leading organizations including NSA, DISA, NIST, and NIAP.

What devices does Cigent protect with hard drive encryption?

Cigent provides the widest breadth of secure storage solutions all utilizing hardware encryption. These includes: PCs supporting both M.2 2280 and the emerging M.2 2230 standard, remote servers and NAS devices with U.2 drives, external media with flash drives, encrypted external drives, SD and Micro SD cards, and embedded for SSD BGA.

Does Cigent help with certifications?

Yes, Cigent Secure Storage Solutions can support organizations meeting Commercial Solutions for Classified (CSfC) for data at rest including pre-boot authentication requirements. Cigent solutions can also meet FIPS 140-2 and 140-3 standards. Additionally, Cigent can address requirements from Executive Order 14028 including encryption of data at rest, multi-factor authentication, and the utilization of zero-trust access control. Cigent protections have been thoroughly tested and validated by leading Federal agencies including MITRE, NIST, NSA, NIAP, the Air Force, Cyber Resilience of Weapon Systems (CROWS), and NSSIF (UK).

Still have questions?

Learn more about Cigent and our solutions by downloading our company overview.

DOWNLOAD COMPANY OVERVIEW

Hardware Full Drive Encryption