SSD Erasure: Everything You Need to Know to Ensure SSD HD Data Security.
Solid-state drives (SSDs) are often used in tandem with hard disk drives (HDDs) to meet an enterprise's data storage needs. This mixed environment can introduce weaknesses in the data destruction processes for these two very different types of drives.
Since the beginning of personal computing, tech enthusiasts have been interested in expanding and innovating data storage. While HDDs are still popular, newer, faster, and more efficient technologies, such as SSDs, are being used in everything from personal notebooks to large data center servers.
Pros & cons of SSDs
SSDs are available in various interface formats, but the three most popular are SATA, PCIe, and NVMe.
SATA drives are available in terabyte instances. Because most traditional HDDs use the SATA interface, an SSD with a SATA connection allows an easier transition from legacy HDD technology.
PCIe drives connect to the PCIe lane of a motherboard, enabling high-performance speeds and efficiency. They are well-suited for buffering and caching applications and loading databases quickly.
NVMe drives are strictly flash-based and provide greater speeds than SATA or PCIe drives. They are known for being highly scalable and well suited to handling the exponential rise of data collection and data handling.
While SSDs are more expensive than HDDs, they have lower latency, faster read/writes, and support more IOPS (input/output operations per second). They also use less power (leading to lower operating costs), weigh less, and are more durable because they have no moving parts.
When it comes to SSD erasure, though, there are some risks.
Data destruction risks with SSDs
Unlike hard disk drives, SSDs do not use a spinning disk to store data. Instead, SSDs store data on flash memory chips. While this leads to greater durability and data density, it means they're more difficult to sanitize through traditional methods.
In fact, their unique data sanitization requirements can cause data security issues when it comes time for data erasure or destruction.
Types of data destruction and their effect on SSD erasure
Degaussing is not useful on most flash-based memory devices, including SSDs, because these drives use integrated circuit (IC) assemblies to store data. If care isn't taken to separate SSDs from HDDs during degaussing, the data stored on SSDs will be left behind.
Crypto Erase is an efficient way of sanitizing disks that have encrypted data. This process deletes all encryption security keys and replaces them with new ones, effectively obscuring the data that remains. However, if sensitive information is saved to the disk before encryption occurs, the unencrypted data will still be recoverable. The use of Crypto Erase is inconsistent from SSD manufacturer to manufacturer, too, which further complicates the process.
Physical Destruction such as shredding or crushing is the ideal form of data destruction for many storage mediums; however, standard shred sizes fail to entirely destroy the data chips on high-density SSDs, which can require shred sizes as small as 2 millimeters. SSD IC chips can remain fully intact, and information can still be recoverable by hackers.
File shredding or wiping destroys data on individual files and folders by data overwriting but typically doesn't reach the hidden areas of an SSD. Also, unless you can independently confirm data has been deleted, most "pre-installed" data wiping utilities aren't secure or reliable.
These methods vary significantly in the kind of verification they provide, with many providing none at all.
This is critical for enterprises across industries, as many regulations require verification of erasure to comply with data privacy, protection, and security policies.
Why secure data erasure is the answer for SSDs
Disk management tools, along with the data destruction and erasure methods above, must evolve to meet the needs of SSDs as they continue to evolve.
As your organization integrates SSD technologies into your data storage and processing infrastructure, it's critical to consider how you protect this data once your SSDs are ready for reuse, recycling, or a new end-of-life destination.
Secure SSD Erasure overwrites the data as many times as required, erases the data down into the over-provisioned cells, and provides verification that complete sanitization has occurred.
Questions to ask when choosing a vendor for SSD erasure
Asking the right questions today ensures the protection of your SSD-stored data from unauthorized access throughout its lifecycle,
Does the vendor support a wide array of SSDs?
Does the vendor have a patented SSD erasure process?
Does the vendor have a wide array of data erasure solutions across SSDs, HDDs, laptops, files, virtual machines, and beyond?
Does the vendor check for and remove BIOS freeze locks?
Does the vendor confirm that complete data erasure has occurred through verification and a tamper-proof audit trail to prove compliance with data retention and sanitization regulations?
Use the questions above to gauge the effectiveness of your selected end-of-life data protection partner and their methods.
If you'd like to learn more, subscribe to our blog or check out our Deep Dive Series on Asset Security & Risk Mitigation. We’ll keep these sources regularly updated with tips and information to help you get the most out of your ATMs.
Tellerex empowers our industry-leading clients to optimize their usage of natural resources, create greater value, safeguard the environment, and secure critical data.
To learn more about our solutions, contact us by e-mail or visit us online.