Beware of Erasure Problems on SSD Drives

Friday, March 18, 2011

Brent Huston

E313765e3bec84b2852c1c758f7244b6

There is a lot of interesting research going on right now with the processes and tools that may be useful in erasing the new solid state drives that many laptops and other systems are using.

The traditional methods of magnetic cleansing (degaussing), and even file over-write tools that have been in use now for decades in many organizations, have little to no effect on removing sensitive data on these solid state drives.

Here is a nice article explaining some of the problems:

"Researchers at UC San Diego found that the normal methods we use to securely wipe magnetic drives aren't as useful on solid-state drives. After testing twelve SSDs, they found that only four were securely erased with whole-drive erasure methods. Trying to securely wipe a single file was even less successful, and more often than not a good portion of the file was recoverable."

As described in the article, it seems that many of our current data management and cleansing techniques simply do not apply to these solid state memory-based devices.

This makes drive encryption all the more urgent, as these systems are beginning to pop up in many organizations that are starting their hardware refresh processes after delaying them due to economic conditions.

If you are an information security team, or an IT team considering such purchases, please make appropriate cryptography a part of your solution.

Many solutions exist by a variety of vendors today with pricing ranging from near zero to the cost of full-scale commercial enterprise implementations in the hundreds of thousands of dollars.

Complexity also ranges from trivial and built into the operating system to quite high, depending on centralized management and remote assistance capabilities.

No matter how you to choose to address the problem, the key factor is that you are aware that SSD systems are a different animal with unique challenges versus traditional hard disks.

Knowing that will at least put you on the right path toward investigating a solution and updating your processes.

Cross-posted from State of Security

Possibly Related Articles:
15999
General
Encryption data destruction Tools SSD Degaussing
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.