Data security is one of the paramount requirements for organizations of all sizes. Although many companies invested heavily in protection from network-based attacks and other threats, few effective safeguards are available to protect against potentially costly exposures of proprietary data that results from a hard disk drive being stolen, misplaced, retired, or redeployed.

Self-encrypting drives (SEDs) can satisfy this need by providing the ultimate in security for data-at-rest and can help reduce IT drive retirement costs in the data center. Self-encrypting drives are also an excellent choice if you must comply with government or industry regulations for data privacy and encryption.

To effectively manage a large deployment of SEDs in Lenovo® System x® servers, an organization must rely on a centralized key management solution. This IBM Redbooks® publication explains the technology behind SEDs and demonstrates how to deploy a key management solution that uses IBM Security Key Lifecycle Manager and properly setup your System x servers.

Part 1. Technology and configuration

Chapter 1. Technology primer

Chapter 2. Supported systems and sample configuration

Part 2. Hands-on configuration

Chapter 3. IBM Security Key Lifecycle Manager setup

Chapter 4. Integrated Management Module configuration

Chapter 5. UEFI configuration

Chapter 6. Managing your System x server SED deployment

Appendix A. Local key management alternatives

Appendix B. Troubleshooting

Appendix C. Licenses and software