Self-encrypting drives

Self-encrypting drives (SEDs) encrypt data as it is written to the disk. Each disk has a disk encryption key (DEK) that is set at the factory and stored on the disk. The disk uses the DEK to encrypt data as it writes, and then to decrypt the data as it is read from disk. The operation of the disk, and its encryption and decryption, is transparent to the users who are reading and writing data.

This default encryption and decryption mode is referred to as secure erase mode. In secure erase mode, you do not need an authentication key or password to decrypt and read data. SEDs offer improved capabilities for an easy and speedy secure erase for situations when disks must be repurposed or returned for support or warranty reasons.