NEC Computers is to offer hard drives with embedded encryption across its Versa range of corporate laptops. This solution is more secure than using software encryption to protect data, and does not result in a performance hit, the company said.

Starting from January, a Seagate hard drive with embedded DriveTrust security will be available as an option on the Versa S970, Versa M370 and Versa P570 models. This enables full disk encryption, with user single sign-on via a pre-boot authentication process.

Because encryption is performed within the drive, there is no way for an attacker to access the keys, even if a laptop is lost or stolen. This method also avoids processor time being taken encrypting and decrypting data.

"Everybody loves encryption, but previously you had a significant performance hit," said NEC's UK marketing manager David Newbold. Hardware full-disk encryption is the future, he added, because it costs no more than a software-based solution.

NEC ships admin tools from Wave Systems to enable IT departments to manage policies on Versa laptops with encrypted drives. This enables them to add and delete users, unlock drives, and remotely initialise a newly fitted Seagate drive. The suite also supports a secure erase function that basically changes the key on the disk, rendering any information on it inaccessible.

Firms planning to deploy the Enterprise edition of Windows Vista can use its BitLocker function for full disk encryption, but this has several disadvantages compared to hardware support.

"Microsoft has a good solution, but it comes at a performance cost and a long initialisation time," said Newbold. He added that a standard hard disk cannot prevent access to data on the disk, because there is no security on the interface connecting it to the computer. Seagate's drives will lock themselves if authentication fails.