Current Filter: >>>>>>

   

How and where we work has changed dramatically in the past 10 years. Users now demand the ability to work where they like, which has seen technology move from desk-based devices to a multitude of platforms usedin the workplace. Manufacturers have re-energised the market by introducing smaller, lighter, but more powerful devices, which has allowed more productive working practices to evolve. Consequently, working on trains, in hotels and at home has now become part and parcel of everyday life.

A key component in facilitating this has been the evolution of NAND-based storage technology. Commonly referred to as Solid State Drives (SSD), this new small form factor storage has allowed devices to become more portable, faster and more utilitarian. Adoption of this technology has led to a series of challenges later within the product lifecycle, which were perhaps not considered at the point of deployment.

Issues surrounding device security and management are well documented, but new concerns have emerged regarding the retirement of these assets. Too many businesses are unaware of the challenge of competently erasing SSD and are either allowing uncontrolled risk into the organisation or adopting a risk avoidance approach at end of life. So what exactly are these issues and how can we resolve them?

CHALLENGES OF DATA OVERWRITING
SSD are storage devices that utilise NAND cells for storage and controller chips for device management and user interface (see Fig 1). A key part of SSD architecture is over-provisioning. This is where the total storage within each device is greater than the available storage to the user and is intended to extend the life of the device.

There are a range of technical functions that happen during the operation of SSD, including wear levelling, garbage collection and data compression. During in-life use, these processes are the very core of the benefit of using SSD, but at end of life they become a significant handicap when validating traditional data overwriting techniques.

Traditional overwriting (commonly referred to as data erasure) is achieved by writing a series of characters to all addressable areas of a magnetic hard drive. Validating that this has occurred is easy, as a sample of sectors can be read, with confirmation that either (a) there is no information present or (b) consistent overwriting patterns are in place.

For SSD overwriting, there are different approaches. Three of the most common are:

• A known pattern of data is written from the start of the device to the end of the device. The number of times that this process is repeated is derived from the implementation of the wear levelling algorithm. The algorithm is implemented differently by each vendor and on different devices from the same vendor, so the number of necessary overwrites to successfully remove all data varies
• A SSD USB controller chip implements a secure erasure command, which will then either make use of a software solution or a hardware solution to erase all of the data on the NAND storage cells
• A form of crypto erase is possible whereby the encryption key is located and erased. This is an extremely challenging approach as, for obvious reasons, the location of these keys is not widely known!

The key problem when dealing with SSD is how do we validate that the overwriting process has been successful? A successful overwrite could be measured in two ways: (a) that all physical memory locations have been overwritten or (b) that there is no data recoverable using forensic techniques.

Page   1  2