1313 Which Intel 320 SSD ATA_Security SED Drives show Encrypted


HPM is capable of managing ATA-Security SEDs like the Intel SSD SEDs that Lenovo is currently shipping (as of the time of this article, Q1, early Q2 2012).

However, most of those drives cannot show up as encrypted in the SES Console, even though they can be placed under management by HPM by enabling the checkbox that permits HPM to manage "regular drives" (i.e. non-encrypting drives). The presence of that checkbox stops SES from trying to software-encrypt these drives.

The drawback of not showing as encrypted is a major consideration, since nothing consistent could then confirm to a security auditor that a device equipped with such a drive is in fact encrypted.

The Intel 520 series SSD drives work fine, but the 320 series has the following flaw (with one exception - see below).

Per Intel:
Basically, only the 300GB sku of 320 series has word 243, bit 14 set to 1, and only with LE05 firmware.

If the customer has a 320-series Intel SSD, have the customer use the SDRECOVERY.exe tool to interrogate the drive and find out which firmware revision it is running.
See screenshots below:
[Screenshot: Intel SSD Firmware Review using SDRecovery]

NOTE: As of 5.3 SR2, SecureDoc HPM will recognize a drive as a SED if the "Lenovo" SED bit (word 243, bit 14), the new ATA ACS-2 standard bit (word 69, bit 4), or both are set.

If either bit is set, 5.3 SR2 will recognize the drive as a SED.
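As an added illustration (not WinMagic or Intel code), the Python below decodes the two bits named in the note from a raw 512-byte ATA IDENTIFY DEVICE block, together with the firmware revision (words 23-26) and model (words 27-46) from the standard ATA layout. The sample blocks and the `EXAMPLE SSD` model names are constructed, and reading the raw block from a drive is left to the platform's own tooling.

```python
import struct

ACS2_WORD, ACS2_BIT = 69, 4        # ATA ACS-2 standard bit named in the note
LENOVO_WORD, LENOVO_BIT = 243, 14  # "Lenovo" SED bit named in the note

def ata_string(words, first, count):
    """ATA text fields hold two ASCII characters per word, high byte first."""
    raw = b"".join(struct.pack(">H", w) for w in words[first:first + count])
    return raw.decode("ascii", errors="replace").strip()

def parse_identify(block):
    """Decode the SED-related fields of a 512-byte IDENTIFY DEVICE block."""
    if len(block) != 512:
        raise ValueError("IDENTIFY DEVICE data must be exactly 512 bytes")
    words = struct.unpack("<256H", block)  # 256 little-endian 16-bit words
    acs2 = bool((words[ACS2_WORD] >> ACS2_BIT) & 1)
    lenovo = bool((words[LENOVO_WORD] >> LENOVO_BIT) & 1)
    return {
        "firmware": ata_string(words, 23, 4),   # words 23-26
        "model": ata_string(words, 27, 20),     # words 27-46
        "acs2_bit": acs2,
        "lenovo_bit": lenovo,
        "reported_as_sed": acs2 or lenovo,      # either bit is enough (5.3 SR2)
    }

def build_sample(model, firmware, w69=0, w243=0):
    """Build a constructed IDENTIFY block (test data, not a real capture)."""
    words = [0] * 256
    for text, first, count in ((firmware, 23, 4), (model, 27, 20)):
        data = text.ljust(count * 2).encode("ascii")
        for i in range(count):
            words[first + i] = (data[2 * i] << 8) | data[2 * i + 1]
    words[ACS2_WORD], words[LENOVO_WORD] = w69, w243
    return struct.pack("<256H", *words)

if __name__ == "__main__":
    samples = [
        build_sample("EXAMPLE SSD A", "FW0001"),                # neither bit
        build_sample("EXAMPLE SSD B", "LE05", w243=1 << 14),    # Lenovo bit
        build_sample("EXAMPLE SSD C", "FW0002", w69=1 << 4),    # ACS-2 bit
    ]
    for block in samples:
        info = parse_identify(block)
        print(f"{info['model']:<14} fw={info['firmware']:<8} "
              f"w69.4={info['acs2_bit']!s:<5} w243.14={info['lenovo_bit']!s:<5} "
              f"SED={info['reported_as_sed']}")
```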

SecureDoc has always been able to manage these drives in HPM mode, even without the SED bit set, provided the SES setting "Use HPM with standard drives" is chosen. It is a setting the central administrator selects when configuring an installation 'package'.

There is no loss of functionality, but the main 'compliance' feature that most customers need is missing if the drive doesn't report as a SED: the drive will appear in reports to the user and central admin as a non-SED (i.e. not encrypted), and therefore as not compliant with local laws and regulations.

Custom Fields

Version: SecureDoc 5.3 SR1, SecureDoc 5.3 SR2