As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
Until recently, many information handling systems used pre-OS (operating system), e.g., BIOS (basic I/O system) or UEFI (unified extensible firmware interface) utilities to unlock secure drives. This is a security problem since there are situations where malware (e.g., bootkits) can tamper with pre-OS environments, leading to locked drives and/or an unbootable system.
While it may be feasible to enable a baseboard management controller (BMC) to unlock local drives, BMCs may hang or otherwise become non-responsive, in which case, server boot could be affected and could result in I/O failures. In addition, servers that do not have a BMC may not be able to employ secure drives.
Historically, centralized key manager solutions have been used in the industry for remote management in large scale deployments. However, existing key manager solutions may require dedicated hardware hosted within the network. Dedicated resource requirements may lead to management overhead and increased operating expense including, without limitation, increased power consumption.